Another day, another massive leak. Researcher Jeremiah Fowler reports that he found unsecured data with 1,674,218 records belonging to DM Clinical Research. DM Clinical Research is a Texas-based network of more than 24 multi-therapeutic clinical trial sites involved in research on vaccines, internal medicine, pediatrics, gastroenterology, psychiatry, neurology, women’s health, and more. DM Clinical Research’s…
Meet NailaoLocker: a ransomware distributed in Europe by ShadowPad and PlugX backdoors
Marine Pichon and Alexis Bonnefoi of Orange Cyberdefense report: Last year, Orange Cyberdefense’s CERT investigated a series of incidents from an unknown threat actor leveraging both ShadowPad and PlugX. Tracked as Green Nailao (“Nailao” meaning “cheese” in Chinese – a topic our World Watch CTI team holds in high regard), the campaign impacted several European organizations, including in the healthcare vertical, during…
Signals of Trouble: Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger
Dan Black of Google’s Threat Intelligence Group writes: Google Threat Intelligence Group (GTIG) has observed increasing efforts from several Russia state-aligned threat actors to compromise Signal Messenger accounts used by individuals of interest to Russia’s intelligence services. While this emerging operational interest has likely been sparked by wartime demands to gain access to sensitive government…
FBI and CISA Warn of Ghost Ransomware
Waqas reports: A joint advisory from the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) reveals the ongoing threat of Ghost ransomware, also known as Cring. Active since early 2021, this group, operating out of China, has targeted organizations in over 70 countries, impacting…
Medusa ransomware gang demands $2M from UK private health services provider
Iain Thomson reports: HCRG Care Group, a private health and social services provider, has seemingly fallen victim to the Medusa ransomware gang, which is threatening to leak what’s claimed to be stolen internal records unless a substantial ransom is paid. Previously known as Virgin Care and now owned by Twenty20 Capital, HCRG runs child and…
Privilege Under Pressure: The Shifting Data Breach Investigation Landscape
Jena M. Valdetero and Emily S. Taetzsch of Greenberg Traurig, LLP write that in recent years, federal courts have narrowed the scope of protection for forensic reports produced in response to data breaches. As part of her discussion, she cites the Capital One case in 2020, the Wengui case in 2021, the Rutter’s case a few…