New post by Mark Arena of Intel471 begins: This blog post takes a look at the credibility of claims in public reports of North Korean (referred to as DPRK for the rest of this post) links to Russian-speaking cybercriminals. The post is based as much as possible on public and open sources from credible parties…
Category: Of Note
Did ransomware threat actors hit a German medical clinic by mistake? Either way, someone died as a result.
It was our nightmare realized: a medical center was completely paralyzed by a ransomware attack and someone died as a result (SEE UPDATE2 below for correction on that). As of last week, the University Clinic in Düsseldorf reported that it was in a state of emergency. Operations had been canceled, and ambulances had to be…
NY Attorney General James Gets Dunkin’ to Fill Holes in Security, Reimburse Hacked Customers
New York Attorney General Letitia James today announced a settlement with Dunkin’ Brands, Inc. (Dunkin’) — franchisor of Dunkin’ Donuts — resolving a lawsuit over the company’s failure to respond to successful cyberattacks that compromised tens of thousands of customers’ online accounts. The settlement requires the company to notify customers impacted in the attacks, reset those customers’…
Magento online stores hacked in largest campaign to date
Catalin Cimpanu reports: More than 2,000 Magento online stores have been hacked over the weekend in what security researchers have described as the “largest campaign ever.” The attacks were a typical Magecart scheme where hackers breached sites and then planted malicious scripts inside the stores’ source code, code that logged payment card details that shoppers…
Interim Report on the Blackbaud Breach: 3.4 Million Patients and Counting
The Blackbaud ransomware incident disclosed on July 16 will likely end up being the largest or one of the largest breaches of the year involving patient information. I’ve been reading disclosures from dozens of entities and have compiled a list of those Blackbaud clients whose disclosures state or suggest that Blackbaud had been storing some…
Secure Data Technologies Sues Ex-Employee for Breach of Contract
Christina Tabacco reports: On Thursday, Secure Data Technologies, Inc. sued a former employee for hacking the company’s email system and removing confidential and proprietary information. The Eastern District of Missouri lawsuit states seven claims for relief under various Missouri and Illinois business tort and computer fraud statutes. According to the filing, Secure Data is an Illinois corporation,…