Executive Summary Trinity ransomware is a relatively new threat actor, known for employing a double extortion strategy. This method involves exfiltrating sensitive data before encrypting files, thereby increasing pressure on victims to pay the ransom. This ransomware uses the ChaCha20 encryption algorithm, and encrypted files are tagged with the “.trinitylock” file extension. Trinity operates a…
Australia Introduces First Standalone Cybersecurity Law
James Coker reports: The Australian government has introduced the country’s first standalone cybersecurity law to Parliament. The new legislation aims to better protect citizens and organizations against a heightened geopolitical and cyber threat environment. The Cyber Security Bill 2024 covers a range of areas, including mandating minimum cybersecurity standards for IoT devices and mandatory ransomware reporting for critical infrastructure…
Ukrainian court sentences hackers who carried out over 5,000 cyberattacks for Russia
Dmytro Basmat reports: Ukrainian court has sentenced in absentia two members of the Russian security service-backed (FSB) hacker group “Armageddon” for having carried out more than 5,000 cyberattacks against Ukrainian institutions and critical infrastructure, Ukraine’s State Security Service (SBU) said on Oct. 8. Russian hackers have regularly targeted various Ukrainian government institutions as well as businesses with…
British man, 20, appears in court in Rotterdam in dark web probe
Dutch News reports: A 20-year-old Englishman appeared in court in Rotterdam on Tuesday for his role in setting up and running a dark web marketplace named Bohemia. Finlay H, who was just 17 when he became embroiled in the website, was arrested at Schiphol airport this summer. He was in court for a procedural hearing…
When you don’t know why you are being notified of a breach, Tuesday edition (2)
On March 19, 2024, DataBreaches reported a ransomware attack targeting New York Plastic Surgical Group (a division of Long Island Plastic Surgical Group). According to one of the threat actors involved, the attack occurred on January 7 and involved both RADAR and AlphV (BlackCat) groups working together — AlphV to encrypt files and negotiate the ransom…
Water supplier American Water Works says systems hacked
Kate Gibson reports: American Water Works — a supplier of drinking water and wastewater services to more than 14 million people — on Monday said hackers had breached its computer networks and systems, prompting it to pause billing to customers. The Camden, New Jersey-based utility became aware of the unauthorized activity on Thursday, and took…