A few weeks ago, this site published a post about a hack of DataViper.io. In that post, I erroreously reported that Vinny Troia had admitted to selling and trading stolen data, which he justified as part of his undercover work. Later in the post, I also prefaced a statement with “Given that…” Those statements were…
Lifespan Pays $1,040,000 to OCR to Settle Unencrypted Stolen Laptop Breach
In April, 2017, Lifespan issued a statement disclosing a stolen laptop incident involving unencrypted protected health information. In at least two places in their statement they claim that they are committed to protecting the security and confidentiality of patient data. Today, OCR announced a settlement with Lifespan in which Lifespan is to pay more than…
No More Ransom: How 4 Million Victims of Ransomware Have Fought Back Against Hackers
A press release from Europol: While the world is in the grip of a coronavirus outbreak, another virus is quietly wreaking havoc. Although this virus has been around for years, its cases have been rising alarmingly in the past few months and has brought critical activities such as hospitals and governments to a standstill. This…
Atlassian says encryption-busting law has damaged Australia’s tech reputation
Asha Barbaschow reports: Atlassian believes Australia’s encryption-busting legislation continues to have a negative impact on the country’s technology sector, both from the perspective of partnering with an Australian company and attracting tech talent down under. “The Act’s passage has significantly degraded the global reputation of the Australian tech sector, as local companies and multinationals alike…
Inside “Phobos” Ransomware: “Dharma” Past & Underground
Bridgit Sullivan writes: Phobos is a type of Advanced Encryption Standard (AES) ransomware that was first seen in October 2017 but became increasingly active in 2019. Also referred to as Phobos NextGen or Phobos Not Dharma, Phobos ransomware is extremely similar to the Dharma and Crysis ransomware family due to the same Dharma codebase. It…
Proposed Amendment to the North Carolina Identity Theft Protection Act
Alexander Turner of Spilman Thomas & Battle, PLLC writes: In April 2019, with the introduction of House Bill 904, a bi-partisan effort was made to strengthen cyber security in North Carolina. H.B. 904 seeks to make North Carolina’s Identity Theft Protection Act one of the strongest in the nation by broadening the definition of what constitutes…