Lawrence Abrams reports: A PowerShell script used by the Pysa ransomware operation gives us a sneak peek at the types of data they attempt to steal during a cyberattack. […] Yesterday, MalwareHunterTeam shared a PowerShell script with BleepingComputer used by the Pysa ransomware operation to search for and exfiltrate data from a server. This script is designed…
Hacking group nicknamed SparklingGoblin is accused of stealing usernames and IP addresses from US computer retailer and Canadian schools
Adam Manno reports: A hacking group has targeted the networks of US media and retail companies to gather usernames and IP addresses, according to research from an antivirus company. Slovakia-based cybersecurity company Eset has identified a ‘backdoor’ used by a group it calls SparklingGoblin to enter firm’s supposedly secure servers, according to a post on the company’s…
Federal Court Finds Article III Standing In Data Event Litigation But Dismisses Majority of Plaintiff’s Claims Under Rule 12(b)(6)
Katie Sharpless of Squire Patton Boggs writes: CPW previously has covered multiple decisions that address Article III standing requirements for pleading a claim in federal court. A recent decision out of a federal court in Missouri is an example of a Court finding that Plaintiff properly alleged facts to constitute standing in a data event…
Hackers Could Increase Medication Doses Through Infusion Pump Flaws
Lily Hay Newman reports: From pacemakers and insulin pumps to mammography machines, ultrasounds, and monitors, a dizzying array of medical devices have been found to contain worrying security vulnerabilities. The latest addition to that ignoble lineup is a popular infusion pump and dock, the B. Braun Infusomat Space Large Volume Pump and B. Braun SpaceStation, that a determined hacker could manipulate to…
Researchers Warn of 4 Emerging Ransomware Groups That Can Cause Havoc
Ravie Lakshmanan reports: Cybersecurity researchers on Tuesday took the wraps off four up-and-coming ransomware groups that could pose a serious threat to enterprises and critical infrastructure, as the ripple effect of a recent spurt in ransomware incidents show that attackers are growing more sophisticated and more profitable in extracting payouts from victims. “While the ransomware…
FBI sends its first-ever alert about a ‘ransomware affiliate’
Catalin Cimpanu reports: The US Federal Bureau of Investigations has published today its first-ever public advisory detailing the modus operandi of a “ransomware affiliate.” A relatively new term, a ransomware affiliate refers to a person or group who rents access to Ransomware-as-a-Service (RaaS) platforms, orchestrates intrusions into corporate networks, encrypt files with the “rented ransomware,”…