Lani M. Duffy and Richard A. Walawender of Miller Canfield write: The U.S. government and military experts have been warning U.S. companies that Russia may launch significant cyberattacks against critical infrastructure, financial institutions and businesses in retaliation for the sanctions imposed against Russia. Last week, the Cybersecurity & Infrastructure Security Agency (established in 2018 under…
Airline Sues to Stop Popular Web-Scraping Service–American Airlines v. The Points Guy
Kieran McCarthy writes: Those interested in web scraping legal issues had high hopes that the Supreme Court’s opinion in Van Buren v. United States last summer would provide clear guidelines on which types of online data access were permissible and which were not. And while most would agree that the Supreme Court avoided a worst-case scenario with its…
ContiLeaks providing new insights and evidence against Conti
It almost felt like Christmas came early in a winter of despair. As noted yesterday, a Conti member who appears furious with Conti for its statement supporting Russia started dumping internal records from Conti with a statement ending, “Glory to Ukraine!” The leak was first reported on Twitter by VX-Underground: Conti ransomware group previously put…
Why won’t law enforcement answer questions about RaidForums? Or have they just winked?
“Oh for f*** sake,” a February 25th message on Signal to me began. RaidForums had been seized, I was told. But had it been? [Note: this article does not link to RaidForums’ site as it is may still be a phishing page.] A WHOIS lookup on the domain today shows that the registration for RaidForums[.]com…
Conti and Karma actors attack healthcare provider at same time through ProxyShell exploits
I’ve occasionally seen evidence that one victim was hit by more than one group or threat actor, but Sophos provides the most detailed reporting I’ve ever seen on one such incident. Sean Gallagher takes us through the saga that impacted a healthcare provider in Canada hit by two separate ransomware groups — Karma and Conti….
Toyota to halt operations at all Japan plants due to cyberattack
Reuters reports: Toyota said it will suspend all domestic factory operations on Tuesday losing around 13,000 cars after one a company supplying plastic parts and electronic component was hit by a suspected cyberattack. No information was immediately available about who was behind the attack or the motive. The attack comes just after Japan joined Western…