Doug Levin recently wrote on Infosec.Exchange: Rant incoming. The frequency with which I read folks asserting that ‘education’ and in particular ‘U.S. K-12 schools’ are the most frequent ransomware target is so frustrating. Of course, that’s a nonsense assertion – and not supported by any reasonable read of the data. It is almost like the…
Category: Commentaries and Analyses
The State of Ransomware in the U.S.: Report and Statistics 2023
Data analyses and commentary by Emsisoft begins: “From 2016 to 2021, we estimate that ransomware attacks killed between 42 and 67 Medicare patients.” — McGlave, Neprash, and Nikpay; University of Minnesota School of Public Health1 In 2023, the U.S. was once again battered by a barrage of financially-motivated ransomware attacks that denied Americans access to…
Operation Triangulation: The last (hardware) mystery
Boris Lairn reports: Today, on December 27, 2023, we (Boris Larin, Leonid Bezvershenko, and Georgy Kucherin) delivered a presentation, titled, “Operation Triangulation: What You Get When Attack iPhones of Researchers”, at the 37th Chaos Communication Congress (37C3), held at Congress Center Hamburg. The presentation summarized the results of our long-term research into Operation Triangulation, conducted with our…
Parathon by JDA e-Health: what we still don’t know about their July ransomware incident
On August 1, DataBreaches noticed that Parathon by JDA e-Health had been listed on the Akira ransomware leak site. Neither Akira nor Parathon responded to DataBreaches’ inquiries at the time, as DataBreaches reported on August 6. On October 30, Parathon issued a notice of security incident. The notice stated, in part: On July 27, 2023,…
The biggest cybersecurity and cyberattack stories of 2023
Lawrence Abrams writes: 2023 was a big year for cybersecurity, with significant cyberattacks, data breaches, new threat groups emerging, and, of course, zero-day vulnerabilities. Some stories, though, were more impactful or popular with our 22 million readers than others. Below are fourteen of what BleepingComputer believes are the most impactful cybersecurity stories of 2023, with…
Cyber sleuths reveal how they infiltrate the biggest ransomware gangs
Conor James reports: When AlphV/BlackCat’s website went dark this month, it was like Chrimbo came early for cybersecurity defenders, some of whom seemingly believed law enforcement had busted one of the most menacing cyber criminal crews. The excitement lasted just five days, though, and its website is now back online, albeit in worse shape than…