Jonathan Ishee and Amanda Ray of McGuireWoods LLP write: On May 31, 2021, the Texas Legislature approved House Bill 3746, which seeks to amend the Texas Business and Commerce Code § 521.053 relating to certain notifications required following a breach of security of computerized data. Notably, the bill directs the Texas attorney general to post…
From QBot…with REvil Ransomware: Initial Attack Exposure of JBS
Vitali Kremez & Yelisey Boguslavskiy write: During the first week of June 2021, two major corporations were attacked by a ransomware group. JBS, the largest meat producer in the world, was hit on May 30, with the attack targeting the North American and Australian IT systems. Fujifilm, a Japanese multinational conglomerate was likely hit between…
New York City Law Department Hit by Cyberattack
Katie Honan reports: Hackers breached the New York City Law Department’s computer system over the weekend, prompting the city to limit access to the network as it investigates the cyberattack, officials said Monday. The city’s Cyber Command, which monitors more than 100 government agencies and offices, first detected the breach on Saturday, according to Laura…
FBI and Australian police ran an encrypted chat platform to catch criminal gangs
Catalin Cimpanu reports: The FBI and Australian Federal Police ran an encrypted chat platform and intercepted secret messages between criminal gang members from all over the world for more than three years. Named Operation Ironside (AFP) / Trojan Shield (FBI, Interpol) on Monday, law enforcement agencies from Australia, Europe, and the US conducted house searches and arrested thousands of…
US truck and military vehicle maker Navistar discloses data breach
Sergiu Gatlan reports: Navistar International Corporation (Navistar), a US-based maker of trucks and military vehicles, says that unknown attackers have stolen data from its network following a cybersecurity incident discovered on May 20, 2021. The company disclosed the attack in an 8-K report filed with the Securities and Exchange Commission (SEC) on Monday. Navistar says…
The blurry boundaries between nation-state actors and the cybercrime underground
Intel471 writes: When it comes to attributing malicious cyber activity, there are two buckets by which actors generally fall in: “financially-motivated” or “nation-state.” The former is ultimately interested in money, while the latter is more concerned with obtaining or exploiting sensitive information to gain an advantage over a government or commercial entity. For the past…