Sergiu Gatlan reports: Iranian-backed hacking group Fox Kitten has been linked to the Pay2Key ransomware operation that has recently started targeting organizations from Israel and Brazil. “We estimate with medium to high confidence that Pay2Key is a new operation conducted by Fox Kitten, an Iranian APT group that began a new wave of attacks in…
Category: Of Note
Cyberattack hits Israeli companies, with Iran reportedly the likely culprit
Oops. I missed this one last week. Stuart Winer reports: A major cyberattack earlier this month hit dozens of Israeli logistics companies, with hackers making off with information from servers, according to a report of the incident by one of the victims filed Sunday to the Tel Aviv Stock Exchange. The attack hit Amital Data,…
OCR Releases Its 2016-2017 Audit Report on Health Care Industry Compliance with the HIPAA Rules
Today, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) released its 2016-2017 HIPAA Audits Industry Report that reviewed selected health care entities and business associates for compliance with certain provisions of the HIPAA Privacy, Security, and Breach Notification Rules. The Health Information Technology for Economic and Clinical…
Suspected Russian hacking spree extended beyond SolarWinds users
Joseph Menn reports: The massive hacking campaign disclosed by U.S. officials this week and tentatively attributed to the Russian government extended beyond users of pervasive network software that had been compromised. “The SolarWinds Orion supply chain compromise is not the only initial infection vector this APT actor leveraged,” said DHS’s Cybersecurity and Infrastructure Security Agency,…
In 2020, COVID-19 also impacted the carding market
It’s always nice when trends make sense. And it’s even nicer when professionals watch and analyze those trends for us. In a report released this morning, Gemini Advisory looked at the carding market in 2020 and how the pandemic does correlate with a significantly decreased demand for Card Present (CP) data on the dark web…
Company that Provides Travel Emergency Services Settles FTC Allegations it Failed to Secure Sensitive Consumer Data
It feels like it’s been a while since we’ve seen an FTC data security case (well, apart from Zoom’s issues). Today, FTC issued a press release about a settlement stemming from SkyMed International’s misconfigured elastic search instance that exposed more than 130,000 people’s information. The exposed data were discovered by Jeremiah Fowler and reported in…