Andrew Brandt and Peter Mackenzie of Sophos report: While conducting an investigation into an attack in July in which the attackers repeatedly attempted to infect computers with Maze ransomware, analysts with Sophos’ Managed Threat Response (MTR) discovered that the attackers had adopted a technique pioneered by the threat actors behind Ragnar Locker earlier this year,…
Category: Of Note
Cyber security breach at National Informatics Centre, malware attack traced to Bengaluru
ET reports: Breaching cyber security a malware attack on 100 computers of the National Informatics Centre (NIC) was reported on Friday. The government’s nodal agency NIC is responsible for securing critical cyber-infrastructure in the country and comes under the Ministry of Electronics and Information Technology (MeitY). Read more on ET.
Ca: Regina clinic failed to notify patients of privacy breach, says commissioner
Mark Melnychuk reports: An investigation by Saskatchewan’s privacy commissioner found that a Regina medical clinic did not notify patients when a doctor’s dictation machine containing personal health information went missing a year ago. According to the report filed on Sept. 15, Saskatchewan Information and Privacy Commissioner Ronald J. Kruzeniski wrote that his office was notified…
Partners in crime: North Koreans and elite Russian-speaking cybercriminals
New post by Mark Arena of Intel471 begins: This blog post takes a look at the credibility of claims in public reports of North Korean (referred to as DPRK for the rest of this post) links to Russian-speaking cybercriminals. The post is based as much as possible on public and open sources from credible parties…
Did ransomware threat actors hit a German medical clinic by mistake? Either way, someone died as a result.
It was our nightmare realized: a medical center was completely paralyzed by a ransomware attack and someone died as a result (SEE UPDATE2 below for correction on that). As of last week, the University Clinic in Düsseldorf reported that it was in a state of emergency. Operations had been canceled, and ambulances had to be…
NY Attorney General James Gets Dunkin’ to Fill Holes in Security, Reimburse Hacked Customers
New York Attorney General Letitia James today announced a settlement with Dunkin’ Brands, Inc. (Dunkin’) — franchisor of Dunkin’ Donuts — resolving a lawsuit over the company’s failure to respond to successful cyberattacks that compromised tens of thousands of customers’ online accounts. The settlement requires the company to notify customers impacted in the attacks, reset those customers’…