I honestly cannot think of a more ironic name for a blog than the Sodinokibi (REvil) ransomware operators calling their website “Happy Blog.” Reading their updates today, they certainly didn’t seem happy, especially with Coveware, a firm that has assisted numerous ransomware victims. The firm’s services include helping negotiate ransom amounts and payment. But something…
Wright County notifies residents of 2019 email hack; COVID-19 response somewhat delayed notification
Notification of Data Security Incident May 13, 2020 Wright County, Minnesota – Notification of Data Security Incident This notice is to inform Wright County residents of a data security incident that potentially affected the personal information of county residents and non-residents in Wright County’s possession. We take the privacy and security of private information we…
A cybercrime store is selling access to more than 43,000 hacked servers
Catalin Cimpanu reports: MagBo, a shadowy online marketplace where hackers sell and buy hacked servers, is doing better than ever and has soared in popularity to become the largest criminal marketplace of its kind since its launch in the summer of 2018. Two years later, the MagBo portal has grown more than 14 times in…
Danger zone! Brit research supercomputer ARCHER’s login nodes exploited in cyber-attack, admins reset passwords and SSH keys
Gareth Corfield reports: Updated One of Britain’s most powerful academic supercomputers has fallen victim to a “security exploitation” of its login nodes, forcing the rewriting of all user passwords and SSH keys. The intrusion, which is understood to be under investigation by GCHQ offshoot the National Cyber Security Centre (NCSC), rendered the ARCHER high-performance computing (HPC)…
AKO ransomware operators put some hurt on pain management doctors
Ransomware operators known as the Maze team have been getting media attention for their influence in implementing what is being called a double extortion scheme: attackers gain access to their victim’s network, exfiltrate data, and then lock up the victim’s system with ransomware. They then demand a fee — which may be hundreds of thousands…
Elizabethtown Community Hospital Patients Lack Standing in Data Breach Row
Daniel R. Stoller has a litigation update on a case that stems from a 2018 breach affecting patients at Elizabethtown Community Hospital. Elizabethtown Community Hospital beat claims of inadequate data security protections after a federal judge in New York found that plaintiffs lacked standing. Read more on Bloomberg Law (subscription required).