Some breaches may be more embarrassing to admit to than others. Kudos to this therapist for forthrightly informing the Washington state attorney general what happened: I am writing to advise you of a computer data breach, which occurred from December 2 to December 4, 2022. I was contacted by a person representing himself as an…
Interview with Mallox ransomware group
Over on SuspectFile, Marco A. De Felice has a write-up of an interview with Mallox. Unlike some interviews where spokespeople brag or make claims or pose a bit, Mallox’s spokesperson comes across as a serious individual who is part of a closed group that has worked together for the past few years without the drama…
Hacked evidence and stolen data swamp English courts
Franz Wild, Ed Siddons, and Simon Lock report: A multimillion-pound high court case between an authoritarian Gulf emirate and an Iranian-American businessman has revealed how hacked evidence is being used by leading law firms to advance their clients’ claims. The case has included allegations that a former Metropolitan Police officer hired Indian hackers and that…
Avast releases free BianLian ransomware decryptor
Bill Toulas reports: Security software company Avast has released a free decryptor for the BianLian ransomware strain to help victims of the malware recover locked files without paying the hackers. The availability of a decryptor comes only about half a year after increased activity from BianLian ransomware over the summer of 2022, when the threat group breached multiple high-profile…
North Korean Hacking Group Tied to $100M Harmony Hack Moves 41,000 Ether Over Weekend
Shaurya Malwa reports: Pseudonymous blockchain sleuth ZachXBT said on Monday that part of the funds tied to last year’s $100 million attack on the Harmony network were moved over the weekend. “North Korea’s Lazarus Group had a very busy weekend, moving $63.5 million (~41,000 ETH) from the Harmony bridge hack through Railgun before consolidating funds…
NortonLifeLock warns that hackers breached Password Manager accounts
Bill Toulas reports: Gen Digital, formerly Symantec Corporation and NortonLifeLock, is sending data breach notifications to customers, informing them that hackers have successfully breached Norton Password Manager accounts in credential-stuffing attacks. According to a letter sample shared with the Office of the Vermont Attorney General, the attacks did not result from a breach on the…