March 26, 2025 – Gatineau, Quebec Privacy Commissioner of Canada Philippe Dufresne has launched a new online tool that will help businesses and federal institutions that experience a privacy breach to assess whether the breach is likely to create a real risk of significant harm to individuals. The privacy breach risk self-assessment tool is a convenient web-based application…
Category: Commentaries and Analyses
How the FBI Tracked, and Froze, Millions Sent to Criminals in Massive Caesars Casino Hack
Joseph Cox of 404 Media in collaboration with Court Watch writes: The FBI managed to track down and freeze millions of dollars of cryptocurrency Caesars Entertainment sent to a group of hackers that held the casino’s computer systems ransom, according to a 404 Media and Court Watch review of a recently unsealed court document. According…
Blacklock Ransomware: A Late Holiday Gift with Intrusion into the Threat Actor’s Infrastructure
As seen on Resecurity’s blog, and where they are entitled to take a victory lap: Dubbed “BlackLock” (aka “El Dorado” or “Eldorado“), the ransomware-as-a-service (RaaS) outfit has existed since March 2024. In Q4 of last year, it increased its number of data leak posts by a staggering 1,425% quarter-on-quarter. According to independent reporting, a relatively new group has rapidly accelerated…
Shifting the sands of RansomHub’s EDRKillShifter
Jakub Souček and Jan Holman report: The RansomHub ransomware-as-a-service (RaaS) operation affiliates were linked to established gangs Medusa, BianLian, and Play, which share the use of RansomHub’s custom-developed EDRKillShifter. ESET researchers take a look back at the significant changes in the ransomware ecosystem in 2024 and focus on the newly emerged and currently dominating ransomware-as-a-service…
Defense Contractor MORSECORP Inc. Agrees to Pay $4.6 Million to Settle Cybersecurity Fraud Allegations
MORSECORP Inc. (MORSE), of Cambridge, Massachusetts, has agreed to pay $4.6 million to resolve allegations that MORSE violated the False Claims Act by failing to comply with cybersecurity requirements in its contracts with the Departments of the Army and Air Force. The settlement resolves allegations that MORSE submitted false or fraudulent claims for payment on contracts with…
A Sneaky Phish Just Grabbed my Mailchimp Mailing List
Troy Hunt, owner of HaveIBeenPwned.com, writes: You know when you’re really jet lagged and really tired and the cogs in your head are just moving that little bit too slow? That’s me right now, and the penny has just dropped that a Mailchimp phish has grabbed my credentials, logged into my account and exported the…