Hiawatha Bray reports: To pay or not to pay? For organizations victimized by ransomware, that’s a tricky question that may not have a good answer. A report from the Boston tech security firm Cybereason argues that paying off cybercriminals may not get businesses off the hook. In a global survey of nearly 1,300 security professionals, two-thirds said…
Category: Of Note
SCOOP: UnitingCare paid hundreds of thousands of dollars to REvil for decryption key and deletion of files
On April 25, UnitingCare Queensland (UCQ) was the victim of a ransomware attack that impacted multiple Queensland hospitals and aged care centres. The next day, they posted a notice on their web site informing people as to what was happening and its impact. And on May 5, they posted a second update where they revealed…
Cl0p affiliated hackers exposed in Ukraine, $500 million in damages estimated
Vilius Petkauskas reports: Ukrainian police reported uncovering a group of hackers who used ransomware software to extort money from foreign businesses, mainly in the United States and South Korea. Authorities claim that hackers used Cl0p encryption software to decipher stolen data and demanded ransom for the access key. According to the police, suspects used double-extorsion,…
SEC Settles Enforcement Action for Disclosure Controls Violations Stemming from Data Security Incident
Kate Hanniford writes: The SEC has settled an enforcement action against a large title insurer in connection with public statements and disclosures made by the company in May 2019 relating to a data security incident. The underlying data security incident was the subject of the first set of charges brought by the New York Division of Financial…
Santa Cruz ‘homeless hacker’ known as “Commander X” extradited from Mexico on decade-old case
Jessica A. York reports: Former Santa Cruz homeless activist “Commander X” has been deported from Mexico to face more than decade-old allegations of maliciously hacking into the county’s computer system. el file) Christopher Doyon, 56, appeared Monday before Magistrate Judge Donna Ryu in U.S. District Court for the Northern District of California to face indictment…
Avaddon ransomware shuts down and releases decryption keys
Lawrence Abrams reports: The Avaddon ransomware gang has shut down operation and released the decryption keys for their victims to BleepingComputer.com. This morning, BleepingComputer received an anonymous tip pretending to be from the FBI that contained a password and a link to a password-protected ZIP file. […] In total, the threat actors sent us 2,934 decryption…