Lawrence Abrams reports: Over 500 hundred thousand Zoom accounts are being sold on the dark web and hacker forums for less than a penny each, and in some cases, given away for free. These credentials are gathered through credential stuffing attacks where threat actors attempt to login to Zoom using accounts leaked in older data…
Category: Commentaries and Analyses
A business associate’s response to a breach raises questions of timeliness
I know we’re in the middle of a pandemic, but an incident involving Avalon Health Care Management occurred before all that. And once again, I find myself scratching my head over the timeline in a notification and how Health & Human Services/Office for Civil Rights will view the timeline in terms of compliance with the…
BlackBerry Says Govt Hackers Stole World’s Sensitive Data For 10 Years
Sarthak Dogra reports: BlackBerry Ltd. has come up with a sensational report that indicates that Chinese state sponsored hackers have been stealing data from computers across the globe for almost around a decade. A major reason for this unnoticed attack is its target, Linux operating systems. Blackberry makes the claim in a new 44-page long report. It claims…
Doctor’s Claims Against Employee Over Stolen Hard Drive Revived
Mary Anne Pazanowski reports: A Utah physician can proceed with several claims against a former employee who allegedly stole a computer hard drive containing patient information and used it to support a False Claims Act complaint against the physician, a federal court in the state said. Sherman Sorensen’s second amended complaint alleged enough facts to…
A Hacker’s Scheme is “Forthright;” Thus, No Computer Fraud Coverage for Ransomware Attacks
From the good-to-know dept., Timothy A. Carroll and Joshua A. Mooney of White and Williams LLP write: A computer hacker may engage in malicious and criminal conduct, but that doesn’t mean that the conduct is “fraudulent.” In G&G Oil Company v. Continental Western Ins. Co., 2020 Ind. App. LEXIS 126 (Ind. Ct. App. Mr. 31, 2020),…
COVID-19 Exploited by Malicious Cyber Actors (Alert (AA20-099A)
Summary This is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC). This alert provides information on exploitation by cybercriminal and advanced persistent threat (APT) groups of the current coronavirus disease 2019 (COVID-19) global pandemic. It includes…