Matt Fisher writes: Demands for medical records can stem from a variety of investigations, which can involve a myriad of sources. The most recent example driving headlines is an investigation involving Vanderbilt University Medical Center (“VUMC”). VUMC disclosed records concerning treatment of transgender patients to the Tennessee Attorney General. According to the Attorney General, an investigation of…
Category: Commentaries and Analyses
Cuba Ransomware Deploys New Tools: Targets Critical Infrastructure Sector in the U.S. and IT Integrator in Latin America
Blackberry’s Research and Intelligence Team writes: BlackBerry has discovered and documented new tools used by the Cuba ransomware threat group. Cuba ransomware is currently into the fourth year of its operation and shows no sign of slowing down. In the first half of 2023 alone, the operators behind Cuba ransomware were the perpetrators of several high-profile…
Ransomware Diaries: Volume 3 – LockBit’s Secrets
Add this to your must-read list for the week (after you finish the Georgia indictment, of course, although to be honest, the ransomware diaries entry is more fascinating). Jon DiMaggio of Analyst1 writes: In this volume of the Ransomware Diaries, I will share interesting, previously unknown details of the LockBit ransomware operation that LockBit has…
Hospital Mergers Double the Risk of a Data Breach, Study Shows
Joseph J. Lazzarotti of JacksonLewis writes: The healthcare sector is a prime target for data breaches. According to a summary by the HIPAA Journal, 32% of all data breaches between 2015 and 2022 were in the healthcare sector, “almost double the number recorded in the financial and manufacturing sectors.” Industry analysts cite to many reasons for this, including…
Over 100K hacking forums accounts exposed by info-stealing malware
Ionut Ilascu reports: Researchers discovered 120,000 infected systems that contained credentials for cybercrime forums. Many of the computers belong to hackers, the researchers say. Analyzing the data, threat researchers found that the passwords used for logging into hacking forums were generally stronger than those for government websites. After pouring through 100 cybercrime forums, researchers at…
NYS Comptroller Audit: Cyber Incident Response Team (Follow-Up)
Issued Date: July 20, 2023 Agency/Authority: Homeland Security and Emergency Services, Division of Objective To assess the extent of implementation of the two recommendations included in our initial audit report, Cyber Incident Response Team (Report 2020-S-58). About the Program Cybercrimes continue to rise. According to the Federal Bureau of Investigation (FBI), complaints of phishing and similar cyberattacks often…