Catalin Cimpanu reports: The operators of the Nemty ransomware have announced this week they were shutting down their service after ten months in operation, ZDNet has learned from a source in the infosec community. […] But in an update posted on a dedicated topic on the Exploit hacking forum, the Nemty operator announced yesterday they…
Category: Commentaries and Analyses
You’re One Misconfiguration Away from a Cloud-Based Data Breach
Suresh Kasinathan writes: Not all instances of data exposure in the cloud are the product of malicious intentions from either internal or external actors. In its “2019 Data Breach Investigations Report” (DBIR), for instance, Verizon Enterprise showed that errors constituted one of the top causes in the data breaches it examined. Verizon’s researchers attributed 21%…
Another Court Significantly Limits the Scope of Criminal CFAA–Sandvig v. Barr
Eric Goldman writes: The plaintiffs want to create fake job profiles to research algorithmic discrimination. Fearing that their research activities would expose them to criminal CFAA prosecution, they challenged the CFAA as violating their First Amendment rights. Venkat blogged a preliminary ruling in the case 2 years ago. Now, the court dismisses the researchers’ suit as moot…
Over 500,000 Zoom accounts sold on hacker forums, the dark web
Lawrence Abrams reports: Over 500 hundred thousand Zoom accounts are being sold on the dark web and hacker forums for less than a penny each, and in some cases, given away for free. These credentials are gathered through credential stuffing attacks where threat actors attempt to log in to Zoom using accounts leaked in older data…
A business associate’s response to a breach raises questions of timeliness
I know we’re in the middle of a pandemic, but an incident involving Avalon Health Care Management occurred before all that. And once again, I find myself scratching my head over the timeline in a notification and how Health & Human Services/Office for Civil Rights will view the timeline in terms of compliance with the…
BlackBerry Says Govt Hackers Stole World’s Sensitive Data For 10 Years
Sarthak Dogra reports: BlackBerry Ltd. has come up with a sensational report that indicates that Chinese state-sponsored hackers have been stealing data from computers across the globe for almost around a decade. A major reason for this unnoticed attack is its target, Linux operating systems. BlackBerry makes the claim in a new 44-page long report. It claims…