Lawrence Abrams reports: The BlackByte ransomware is back with version 2.0 of their operation, including a new data leak site utilizing new extortion techniques borrowed from LockBit. After a brief disappearance, the ransomware operation is now promoting a new data leak site on hacker forums and through Twitter accounts the threat actor controls. Read more at…
Ar: Aceitera General Dehezas discloses ransomware attack
Argentinian agribusiness Aceitera General Deheza (AGD) was attacked on August 10. According to a statement the business made, the attackers asked for money to recover the data. The company issued the following statement to Region Del Mani: “Our company has detected an intrusion in its computer systems. It is for this reason that security protocols…
WestJet app data breach reveals other people’s personal information
Stephen Hunt reports: WestJet says it’s investigating a technical glitch on its app that allowed users to see other people’s profiles. CTV News first learned of the issue Wednesday afternoon from a viewer and a Twitter post that indicated that once you logged on to the airline’s app, you could see the personal information of…
Brazilian police launch investigation targeting Lapsus$ group
Andrea Peterson reports: Brazil’s Federal Police carried out eight search and seizure warrants Tuesday as part of an investigation into attacks claimed by the Lapsus$ Group that disrupted the country’s Ministry of Health last December, the agency announced in a press release. Police did not specifically name Lapsus$ Group in the announcement. However, the details described…
TX: Methodist McKinny Hospital beat Karakurt to the punch by revealing attack quickly
Yesterday, Karakurt threat actors added the Methodist McKinny Hospital in Texas to their dark web leak site. They listed the hospital as a “pre-release,” which is their way of putting pressure on a victim — or trying to put pressure on a victim — to pay so their data is not leaked or auctioned off….
New York Becomes First State to Require CLE in Cybersecurity, Privacy and Data Protection
By Hunton Andrews Kurth’s Privacy and Cybersecurity On June 10, 2022, New York became the first state to require attorneys to complete at least one credit of cybersecurity, privacy and data protection training as part of their continuing legal education (“CLE”) requirements. The new requirement will take effect July 1, 2023. The New York State…