The Wawasee Community School Corporation in Indiana was reportedly the victim of a cyberattack by BlackCat. The threat actors have now leaked what they claim are 9.78 GB of files on their leak site because Wawasee did not pay their demands. Perhaps luckily for Wawasee, the download link is not working at this time. There…
Crypto giant Binance moved $400 million from U.S. partner to firm managed by CEO Zhao
Angus Berwick and Tom Wilson report: Global cryptocurrency exchange Binance had secret access to a bank account belonging to its purportedly independent U.S. partner and transferred large sums of money from the account to a trading firm managed by Binance CEO Changpeng Zhao, banking records and company messages show. Over the first three months of…
Acting Pennsylvania Attorney General Henry Secures $400,000 Settlement with DNA Diagnostics Center Stemming from Data Breach
HARRISBURG – Acting Attorney General Michelle A. Henry today announced a settlement with DNA Diagnostics Center – one of the world’s largest private DNA-testing companies offering diagnostic and genetic testing to help answer relationship, fertility, and health questions – after a data breach exposed the social security numbers of 12,663 Pennsylvanians who were subject to genetic testing…
Private Data Breach Litigation Comes of Age
Quinn Emanuel Urquhart & Sullivan, LLP write, in part: Companies face yet another major risk after a data breach—one which is increasing exponentially—data breach litigation brought by private plaintiffs, often in the form of class actions brought by sophisticated plaintiffs’ counsel who specialize in such cases. Private civil litigation is now a probability, not a…
Nice Try Tonto Team: How a nation-state APT attempted to attack Group-IB
Group-IB writes: In 2023, IT and cybersecurity companies remain one of the most attractive targets for cybercriminals, according to the latest threat report “Hi-Tech Crime Trends 2022/2023”. The compromise of a vendor’s infrastructure opens up ample opportunities to penetrate the network further and gain access to a huge pool of data about the victim’s customers…
New MortalKombat ransomware and Laplas Clipper malware threats deployed in financially motivated campaign
Chetan Raghuprasad writes: Since December 2022, Cisco Talos has been observing an unidentified actor deploying two relatively new threats, the recently discovered MortalKombat ransomware and a GO variant of the Laplas Clipper malware, to steal cryptocurrency from victims. Talos observed the actor scanning the internet for victim machines with an exposed remote desktop protocol (RDP)…