Lawrence Abrams reports: The new PayloadBIN ransomware has been attributed to the Evil Corp cybercrime gang, rebranding to evade sanctions imposed by the US Treasury Department’s Office of Foreign Assets Control (OFAC). The Evil Corp gang, also known as Indrik Spider and the Dridex gang, started as an affiliate for the ZeuS botnet. Over time,…
Category: Of Note
Ukraine’s security service claims to have thwarted mass cyberattack by Russian special forces
The following is a machine translation of a press release by Служба безпеки України, the Security Service of Ukraine: The SBU blocked a mass cyberattack by Russian special services on the computer networks of the Ukrainian authorities Cyber experts of the Security Service of Ukraine revealed the facts of purposeful distribution of malicious software by…
Van Buren is a Victory Against Overbroad Interpretations of the CFAA, and Protects Security Researchers
Aaron Mackey and Kurt Opsahl of EFF write: The Supreme Court’s Van Buren decision today overturned a dangerous precedent and clarified the notoriously ambiguous meaning of “exceeding authorized access” in the Computer Fraud and Abuse Act, the federal computer crime law that’s been misused to prosecute beneficial and important online activity. The decision is a victory for all Internet…
Hackers Breached Colonial Pipeline Using Compromised Password
William Turton and Kartikay Mehrotra report: The hack that took down the largest fuel pipeline in the U.S. and led to shortages across the East Coast was the result of a single compromised password, according to a cybersecurity consultant who responded to the attack. Hackers gained entry into the networks of Colonial Pipeline Co. on…
11th Circuit Upholds Historic $380 Million Equifax Data-Breach Settlement
Izzy Kapnick reports: A three-judge panel for the 11th Circuit on Thursday upheld the largest-ever U.S. class action settlement over a consumer data breach, rejecting a bevy of challenges to the $380 million deal. Finalized in January 2020, the settlement compensates U.S. consumers whose personal information was exposed in a cyberattack on the credit bureau Equifax. The…
Diverse six-justice majority rejects broad reading of computer-fraud law
Ronald Mann writes: The Supreme Court’s decision on Thursday in Van Buren v. United States provides the court’s first serious look at one of the most important criminal statutes involving computer-related crime, the federal Computer Fraud and Abuse Act. Justice Amy Coney Barrett’s opinion for a majority 0f six firmly rejected the broad reading of that statute that the…