Catalin Cimpanu writes: There are a handful of seminal reports in the cybersecurity industry, and lo and behold, three of them were released on Wednesday. Mandiant’s team, now part of Google Cloud, released M-Trends, Verizon released its Data Breach Investigations Report (aka DBIR), and the FBI Internet Crime Complaint Center (IC3) released its yearly Internet Crime Report [PDF]. All…
Category: Of Note
ELENOR-corp Ransomware: A New Mimic Ransomware Variant Attacking the Healthcare Sector
Michael Gorelik of Morphisec writes: Morphisec recently investigated an incident involving a new variant of one of the most aggressive ransomware families: Mimic version 7.5. First observed in 2022, Mimic remains relatively underreported in the public domain, aside from a detailed analysis of Mimic version 6.3 that was previously published by Cyfirma and Kaspersky. Target Audience: This threat analysis…
DOGE Sued Over Record Keeping, Failing to Reply to FOIA Requests
If breaches or insider wrongdoing by DOGE employees are suspected, DOGE’s alleged failure to maintain and make transparent required records makes investigation nearly impossible or actually impossible. Mallory Culhane reports: The Department of Government Efficiency and top Trump administration officials are being sued over the agency’s alleged violations of federal record-keeping and transparency laws. DOGE…
High court upholds damages in ICBC privacy breach that resulted in shootings, arson
Long-time readers may recall a truly frightening insider breach at the Insurance Corporation of British Columbia (ICBC) that resulted in cases of arson and people being shot at. The breach was first disclosed in 2011. An employee had reportedly accessed personal information on 65 people. We would later learn that Candy Elaine Rheaume had accessed…
Former U.S. Army Intelligence Analyst Sentenced for Selling Sensitive Military Information to Individual Tied to Chinese Government
A press release from the DOJ: A former U.S. Army intelligence analyst was sentenced today to 84 months in prison for conspiring to collect and transmit national defense information, including sensitive, non-public U.S. military information, to an individual he believed was affiliated with the Chinese government. Korbein Schultz, 25, of Wills Point, Texas, pleaded guilty in August…
Chinese Ghost Hackers Hit Hospitals And Factories In America And U.K.
Davey Winder reports: There are two types of scumbag in the cybercrime world: those who pick on vulnerable individuals to perpetrate their fraud, and those who target healthcare in search of illicit financial gains. The latter are, thankfully, much rarer than the former. However, hospitals have been on the ransomware and hacking radar before now,…