Attorney Jeff Drummond writes: News from the Cyberinsurance Market: Healthcare entities are finding that cybersecurity insurance is getting harder to find. Insurers are leaving the market, and prices are going up. Having cyberinsurance has always been a good call, from the time the insurance first hit the market, because (i) the risk is so hard to quantify,…
Category: Malware
Qbot malware now uses Windows MSDT zero-day in phishing attacks
Sergiu Gatlan reports: A critical Windows zero-day vulnerability, known as Follina and still waiting for an official fix from Microsoft, is now being actively exploited in ongoing phishing attacks to infect recipients with Qbot malware. Proofpoint first reported Monday that the same zero-day was used in phishing targeting US and EU government agencies. Read more at BleepingComputer.
LockBit tries to get media’s attention for their response to a Mandiant analysis
One of the most hated threat intel companies in the world is Mandiant, and they are hated because they are often right. But this week, LockBit decided to respond in a somewhat different way to one of Mandiant’s recent claims. The ransomware group published a notice on their leak site yesterday saying that 356,841 files…
Italian city of Palermo shuts down all systems to fend off cyberattack
Bill Toulas reports: The municipality of Palermo in Southern Italy suffered a cyberattack on Friday, which appears to have had a massive impact on a broad range of operations and services to both citizens and visiting tourists. Palermo is home to about 1.3 million people, the fifth most populous city in Italy. The area is…
Pysa shuttered its leak site before it ever dumped data from more than half a dozen schools. Here’s what we know so far.
The education sector has always been a relatively easy target for cybercriminals. One group in particular — Pysa — earned a reputation for its ransomware attacks on schools. Despite analyses and alerts in March, 2021 by threat intel firms and the U.S. government indicating that Pysa was a major threat to the education sector in…
Are victims of Netgain ransomware incident first being notified now?
Accounting firm Perkins & Co. in Portland Oregon has submitted a notification to the Vermont Attorney General’s Office about a breach that goes back to 2020 — the Netgain ransomware incident that impacted numerous clients and individuals. According to Perkins’ notification, Netgain first notified them of the breach in December 2020. So why did it…