Simon Sharwood reports: Cisco’s Talos security unit says it has detected an increased rate of attacks on targets on the Indian subcontinent and named an advanced persistent threat actor named SideCopy as the source. The outfit on Wednesday posted that it has tracked “an increase in SideCopy’s activities targeting government personnel in India using themes and tactics…
Category: Malware
Ransomware-hit law firm gets court order asking crooks not to publish the data they stole
Gareth Corfield reports on what sounds like a legal Hail Mary play: A barristers’ chambers hit by a ransomware attack has responded by getting a court order demanding the criminals do not share stolen data. 4 New Square chambers, which counts IT dispute experts among its ranks, obtained a privacy injunction from the High Court…
Digging into Decoder.re in Kaseya ransom notes– threat intel by Resecurity
Interesting #threatintel thread on Twitter this morning from Resecurity (Full disclosure: I worked with one of their team a number of years ago.). Their research findings do not seem to be up on their web site at this time, so hopefully you can access it on Twitter. The thread begins here. In light of the…
Malware campaign targets companies waiting for Kaseya security patch
Graham Cluley reports: While the world continues to wait for Kaseya to issue an update to patch VSA installations against a vulnerability exploited by the REvil ransomware gang, security firm Malwarebytes has spotted a malware campaign which is taking advantage of the vacuum. In a tweet, security researchers shared details of a malicious email that was sent…
The Waikato DHB breach: What do NZ regulations consider reasonable security?
DataBreaches.net reports on breaches from many countries, including New Zealand. On my companion site, PogoWasRight.org, I’ve posted approximately 200 news stories about privacy incidents there, their privacy laws, and decisions by their privacy commissioner. And on this site, I’ve posted almost 200 more articles about breaches impacting New Zealand. But when the Waikato District Health…
PracticeFirst notifies patients and employees after ransomware incident
Yesterday, Professional Business Systems, Inc. d/b/a Practicefirst Medical Management Solutions and PBS Medcode Corp., a medical management company that processes data for health care providers, issued a press release about an incident that occurred last year. From their release: What Happened? On December 30, 2020, We learned that an unauthorized actor who attempted to deploy…