Snatch Team has recently been exploring some novel uses of Telegram. Unlike other groups that use Telegram mainly to list new leaks, Snatch is providing commentaries and analyses of their breaches and more educational materials for readers. Some of their commentaries on specific incidents can be fodder for any lawsuits against the companies or entities…
Category: Of Note
Ransomware Diaries: Volume 3 – LockBit’s Secrets
Add this to your must-read list for the week (after you finish the Georgia indictment, of course, although to be honest, the ransomware diaries entry is more fascinating). Jon DiMaggio of Analyst1 writes: In this volume of the Ransomware Diaries, I will share interesting, previously unknown details of the LockBit ransomware operation that LockBit has…
Over 100K hacking forums accounts exposed by info-stealing malware
Ionut Ilascu reports: Researchers discovered 120,000 infected systems that contained credentials for cybercrime forums. Many of the computers belong to hackers, the researchers say. Analyzing the data, threat researchers found that the passwords used for logging into hacking forums were generally stronger than those for government websites. After pouring through 100 cybercrime forums, researchers at…
NYS Comptroller Audit: Cyber Incident Response Team (Follow-Up)
Issued Date: July 20, 2023 Agency/Authority: Homeland Security and Emergency Services, Division of Objective To assess the extent of implementation of the two recommendations included in our initial audit report, Cyber Incident Response Team (Report 2020-S-58). About the Program Cybercrimes continue to rise. According to the Federal Bureau of Investigation (FBI), complaints of phishing and similar cyberattacks often…
Monti Ransomware Unleashes a New Encryptor for Linux
Nathaniel Morales and Joshua Paul Ignacio report: … Following a two-month break from exposing victims on their leak site, the Monti ransomware group has resumed its malicious activities, this time targeting organizations within the legal and government sectors. Alongside this, a fresh Linux-based variant of Monti (Ransom.Linux.MONTI.THGOCBC) has emerged, displaying significant deviations from its other…
One year later, Tift Regional Medical Center notifies patients of Hive attack
In September 2022, DataBreaches broke the story of how Hive had attacked Tift Regional Medical Center in Georgia between July and August. The attack did not involve encryption of systems but Hive claimed to have exfiltrated about 1 TB of data, including files with protected health information. On October 14, Tift notified HHS of an…