Bill Toulas reports: A BlackByte ransomware affiliate is using a new custom data stealing tool called ‘ExByte’ to steal data from compromised Windows devices quickly. Data exfiltration is believed to be one of the most important functions in double-extortion attacks, with BleepingComputer told that companies are more commonly paying ransom demands to prevent the leak…
Sonic Settles Data Breach Negligence Case
David Herman reports: Judge James Gwin has approved a class-action settlement between Sonic Corporation and a number of financial institutions. Sonic has agreed to pay $5.73 million to settle claims that their negligence led to a 2017 data breach, which compromised customers’ payment information. Court documents recount that in 2017, Sonic suffered a data breach…
Iranian Cyber Group Emennet Pasargad Conducting Hack-and-Leak Operations Using False-Flag Personas
FBI Private Industry Notification 20 October 2022 PIN Number 20221020-001 Summary The FBI is providing information concerning ongoing hack-and-leak cyber operations conducted by Iranian cyber group Emennet Pasargad. According to FBI information, since at least 2020, Emennet targeted entities primarily in Israel with cyber-enabled information operations that included an initial intrusion, theft and subsequent leak…
Cybersecurity Frameworks: What K-12 Leaders Need to Know
The K12 Security Information eXchange (K12 SIX) is pleased to release “Cybersecurity Frameworks: What K-12 Leaders Need to Know,” a new resource for state and local education leaders encouraging the adoption of nationally recognized cybersecurity best practices. This white paper, commissioned by the State Educational Technology Directors Association (SETDA) as part of the work of…
NC investigating claims Facebook received WakeMed, Duke Health patient data
Lauren Ohnesorge reports: A month after a federal lawsuit alleged Triangle hospitals disclosed patient phone numbers and other information to Facebook (Nasdaq: META) without permission, North Carolina officials confirm the state is also investigating. The accusations involve Facebook’s Pixel tracking tool, which plaintiff attorneys in multiple lawsuits filed across the country claim is being improperly used…
Brazil arrests suspect linked to the Lapsus$ hacking group
Sergiu Gatlan reports: Today, the Brazilian Federal Police arrested a Brazilian suspect in Feira de Santana, Bahia, believed to be part of the Lapsus$ extortion gang. The suspect was detained following an investigation started in December 2021 after last year’s breach of the Brazilian Ministry of Health. Read more at BleepingComputer. Related: Statement from the Brazilian…