James Coker reports: Cybersecurity awareness training company KnowBe4 has revealed it was duped into hiring a fake IT worker from North Korea, resulting in attempted insider threat activity. The malicious activity was identified and prevented before any illegal access was gained or any data was compromised on KnowBe4 systems. In a blog published on July 23,…
Ransomware ecosystem fragmenting, but not necessarily great news
Alexander Martin reports: Veteran cybercriminals involved in ransomware attacks are increasingly shying away from large ransomware-as-a-service (RaaS) platforms following a spate of law enforcement disruption operations, as well as the AlphV/BlackCat gang’s high-profile exit scam, according to officials and industry experts. Organized online crime groups are attempting to reduce their dependence on RaaS services by developing…
Acadian Ambulance hit by ransomware attack; Daixin claims info on 10 million patients stolen
A new listing on Daixin Team’s leak site suggested serious problems for Acadian Ambulance. Acadian Ambulance offers several health-related services, including emergency medical transportation, non-emergency transportation, at-home health care, air services, and medical education. It has locations in Louisiana, Mississippi, Tennessee, and Texas. Acadian has been in business since 1971, and at this point, employees…
Kuwait Court Drops Case Against Notorious Pentagon Hacker
Asharq Al-Awsat reports: The Kuwaiti Court of Cassation upheld on Sunday the dismissal of criminal charges against a notorious Kuwaiti hacker who had infiltrated hundreds of websites around the world, including the US Department of Defense’s (Pentagon) website. The Court of Cassation, the highest judicial authority, affirmed a previous ruling by the Court of Appeals…
Suffolk County cyberattack recovery costs hit $25M; final tab still being tallied
Remember how Suffolk County in New York had decided cyberinsurance was too expensive and how they got hit with a ransomware attack by AlphV in 2022. The county not only had no insurance, but it had no cyberattack recovery plan. Mark Harrington reports another update on that incident: Suffolk County approved more than $25…
MNGI Digestive Health joins ranks of “late-notifiers,” finally notifying more than 767,000 patients of breach last summer
This seems to be the month in which many people affected by healthcare breaches in the summer of 2023 are first being notified individually (see, for example, reports on Southcoast Medical and Florida Community Health Centers). Here’s a third one: MNGI Digestive Health was the victim of a cyberattack on August 20, 2023. They reportedly discovered the breach…