From The DFIR Report: The Ryuk group went from an email to domain-wide ransomware in 29 hours and asked for over $6 million to unlock our systems. They used tools such as Cobalt Strike, AdFind, WMI, vsftpd, PowerShell, PowerView, and Rubeus to accomplish their objective. Ryuk has been one of the most proficient ransomware…
OH: 11 charged in conspiracy to steal account information, money from bank customers
October 9 — A federal grand jury has charged 11 Cincinnatians in a conspiracy to steal bank customers’ information in Greater Cincinnati and Northern Kentucky in an indictment unsealed here today. According to the indictment, five of the defendants were employed as customer service representatives at Fifth Third Bank in Cincinnati, and in conspiracy with…
HI: Potential data breach exposed in state’s travel exemption request system
HNN Staff report: The state is investigating a potential breach of data within one of their systems tied to the Attorney General’s office. Nearly 150 individuals who applied for a travel exemption through the state Attorney General’s website were notified Friday about the potential breach. It impacts applicants between Sept. 18 and Sept. 21. Read…
Defendant had no reasonable expectation of privacy in his employer’s information he was accused of taking
FourthAmendment.com highlights a court opinion out of Massachusetts: Defendant is charged with accessing and taking his employer’s information for the purpose of setting up a rival company doing the same thing. His motion to suppress the information is denied because he has no reasonable expectation of privacy in it. United States v. Yu, 2020 U.S….
Software AG falls prey to ransomware attack
Earlier this week, Catalin Cimpanu reported that Software AG, one of the largest software companies in the world, has suffered a ransomware attack over the last weekend, and the company has not yet fully recovered from the incident. A ransomware gang going by the name of “Clop” has breached the company’s internal network on Saturday, October…
This stealthy hacker-for-hire group is using phishing, malicious apps and zero-day attacks against its victims
Danny Palmer reports: An extensive cyber-espionage operation by a hacker-for-hire group that uses phishing, social engineering, malicious apps, custom malware and zero-day attacks has been secretly targeting governments, private industry and individuals for years in what’s described as a diverse, patient and elusive hacking enterprise. Dubbed Bahamut, the mercenary hacking group has been carrying out extensive operations against…