Will Huntsberry reports: The breadth of a cyber attack against San Diego Unified School District last year is coming into view. Student medical records may have been taken during the hack, district officials notified parents in a letter dated May 4. […] The new letter obtained by Voice of San Diego is the first admission that children’s…
Category: Commentaries and Analyses
Russia-affiliated CheckMate ransomware quietly targets popular file-sharing protocol
Jurgita Lapienytė reports: Unlike most ransom campaigns, CheckMate, discovered in 2022, has been quiet throughout its operations. To the best of our knowledge, it doesn’t operate a data leak site. That’s quite unusual for a ransomware campaign since many prominent gangs brag about big targets and post them as victims on their data leak sites….
#StopRansomware: Malicious Actors Exploit CVE-2023-27350 in PaperCut MF and NG
Jen Easterly, Director of CISA, tweeted: In early May 2023, a group self-identifying as the Bl00dy Ransomware Gang was observed attempting to exploit vulnerable PaperCut servers at educational institutions. Read our joint advisory with @FBI and apply patches or workarounds today: http://go.dhs.gov/4sz The advisory is embedded below:
Ransomware Encryption Rates Reach New Heights
Weren’t we reading something a while back about how some ransomware groups were no longer locking files and were just exfiltrating? Phil Muncaster reports a recent study says the rate of locking is higher than ever. The share of ransomware victims whose data was encrypted by their extorters grew to 76% over the past year,…
Half of North Korean missile program funded by cyberattacks and crypto theft, White House says
Sean Lyngaas reports: About half of North Korea’s missile program has been funded by cyberattacks and cryptocurrency theft, a White House official said Tuesday. A sweeping US federal government effort is ongoing to understand how “a country like [North Korea] is so darn creative in this space,” Anne Neuberger, deputy national security adviser for cyber and emerging…
Za: Department of justice negligence leads to huge personal data loss
Rorisang Kgosana reports: The department of justice & constitutional development contravened the Protection of Personal Information (POPI) Act, resulting in the loss of more than 1,200 files. The Information Regulator issued an enforcement notice to the department this week for a September 2021 security breach on its IT systems. […] The security breach was caused…