April 28, 2023
New Data Breaches from Cl0p and Lockbit Ransomware Groups
Executive Summary: Ransomware-as-a-service (RaaS) groups Cl0p and Lockbit recently conducted several distinct attacks, exploiting three known vulnerabilities (CVE-2023-27351, CVE-2023-27350, and CVE-2023-0669). The Cybersecurity and Infrastructure Security Agency (CISA) added the latter two vulnerabilities to its Known Exploited Vulnerabilities Catalog but has not yet…
Category: Commentaries and Analyses
BakerHostetler’s 9th annual Data Security Incident Response Report
BakerHostetler’s annual report is out, and as always, it is a great read because it provides statistics and analysis of the more than 1,100 data breach incidents the law firm handled in 2022. Ted Kobus provides a bit of the history of the firm’s Digital Assets and Management Group. Here’s just one graphic from the…
Stronger cybersecurity, reducing cyber incidents, greater EU ‘strategic autonomy’? Three interesting features of the proposed EU Cyber Solidarity Act
Mark Young, Paul Maynard, and Anna Sophia Oberschelp de Meneses of Covington & Burling write: On April 18, 2023, the European Commission published its proposal for an EU Cyber Solidarity Act (“CSA”). It aims to strengthen incident detection, situational awareness, and response capabilities, and to ensure that entities providing services critical for day-to-day life can access expert…
Aeries Settles Data Breach Lawsuit for $1.75M; Illuminate Suit is Dismissed – For Now
Kristal Kuykendall reports on the very different outcomes of two class action lawsuits stemming from breaches involving EdTech. Both of these lawsuits’ outcomes have been reported previously on DataBreaches, but this article says that both cases, despite the vastly different outcomes so far, should put EdTech vendors on notice. In a class-action lawsuit filed on…
3CX Breach Was a Double Supply Chain Compromise
Brian Krebs reports: In late March 2023, 3CX disclosed that its desktop applications for both Windows and macOS were compromised with malicious code that gave attackers the ability to download and run code on all machines where the app was installed. 3CX says it has more than 600,000 customers and 12 million users in a broad range of industries,…
Russian hackers exfiltrated data from Capita over a week before outage
Kevin Beaumont writes: Capita have finally admitted a data breach, but still do not think they need to disclose key details of the incident to customers, regulators, impacted parties and investors. So in this piece we shall dig into the details using open source intelligence, and prove Capita was penetrated by Black Basta ransomware group using…