Zack Whittaker reports: Manhunt, a gay dating app that claims to have 6 million male members, has confirmed it was hit by a data breach in February after a hacker gained access to the company’s accounts database. In a notice filed with the Washington attorney general’s office, Manhunt said the hacker “gained access to a database that…
Detecting Clop Ransomware
Splunk Threat Research Team reports: As ransomware campaigns continue, malicious actors introduce different modus operandi to target their victims. In this blog, we’ll be taking a look at the Clop ransomware. This crimeware was discovered in 2019 and is said to be used for an attack that demanded one of the highest ransom amounts in recorded history…
DOL Issues Cybersecurity Best Practices for ERISA Covered Retirement Plans
Joseph J. Lazzarotti of JacksonLewis writes: Today, the U.S. Department of Labor’s Employee Benefits Security Administration (EBSA) issued much anticipated cybersecurity guidance for employee retirement plans. This comes more than four and a half years after the ERISA Advisory Council, a 15-member body appointed by the Secretary of Labor to provide guidance on employee benefit plans, shared with the…
Houston Rockets Hit by “Babuk” Ransomware
Bill Toulas reports: The ransomware group known as “Babuk” has added Houston Rockets to its victim list, warning about the imminent leak of 500GB of stolen data if their payment demands aren’t met. The threat actors present screenshots of the exfiltrated files as proof of possession, showing what appears to be contracts, non-disclosure agreements, customer…
Brokerage firm agrees to $3 mln deal for New York cybersecurity rule violations
Sara Merken reports: Brokerage firm National Securities Corp has agreed to pay $3 million in a settlement with New York’s financial services regulator over shortfalls that resulted in four cybersecurity breaches involving unauthorized access to email accounts. Read more on Reuters. NY DFS’s press release: Superintendent of Financial Services Linda A. Lacewell announced today that…
Two Somerset County school districts report cyber attacks
Mike Deak reports: Two Somerset County school districts were the targets of suspected cyber attacks in the past week. Schools in both Hillsborough and Bernards were closed for a day after cyber attacks were suspected. Hillsborough schools were closed on Monday and Bernards schools were closed April 7. Schools in both districts were open the following…