Bill Toulas reports: The U.S. Department of Justice (DoJ) has announced the conviction of Sercan Oyuntur, 40, resident of California, for multiple counts relating to a phishing operation that caused $23.5 million in damages to the U.S. Department of Defense (DoD). The fraudster managed to divert to his personal bank account DoD funds destined for a…
REvil ransomware returns: New malware sample confirms gang is back
Lawrence Abrams reports: The notorious REvil ransomware operation has returned amidst rising tensions between Russia and the USA, with new infrastructure and a modified encryptor allowing for more targeted attacks. In October, the REvil ransomware gang shut down after a law enforcement operation hijacked their Tor servers, followed by arrests of members by Russian law enforcement. […] A…
Alleged docket dumping probed (South African Police Service)
Natasha Bezuidenhout reports: Police are investigating allegations which claim police files, dockets and rape kits from Steenberg Police Station were found discarded at a dumping site. Ward 68 councillor Marita Petersen claimed she found remnants of police dockets and rape kits dumped in Steenberg since the beginning of April. Read more at News24
Excellus Health Plan Settles Data Breach Suit With Policyholders
Samantha Hawkins reports: Excellus Health Plan Inc. will settle a data breach lawsuit with a certified class over a 2013 hacking incident that compromised the personal data of approximately 10 million policyholders. Matthew Fero, who filed the suit against Excellus and several associated healthcare companies in 2015, claims that customers’ personal identifying information, Social Security…
State Bar of Georgia investigating cyberattack
From an undated notice on their home page: The State Bar of Georgia recently learned of unauthorized access to its network. Upon learning of the unauthorized access, we immediately took steps to secure the network, a cybersecurity firm was engaged and a thorough investigation is being conducted. An endpoint detection and response system is being…
North Carolina Becomes First State to Prohibit Public Entities from Paying Ransoms
Hunton Andrews Kurth writes: On April 5, 2022, North Carolina became the first state in the U.S. to prohibit state agencies and local government entities from paying a ransom following a ransomware attack. North Carolina’s new law, which was passed as part of the state’s 2021-2022 budget appropriations, prohibits government entities from paying a ransom to…