Two ransomware attacks in 2023 first disclosed in April — Kisco Senior Living, Blackstone Valley Community Health Care

Two more ransomware incidents that occurred in 2023 were disclosed this week. One was disclosed 10 months after the incident, and the other was disclosed 5 months after the incident. Kisco Senior Living: On or about June 15, 2023, BlackByte claimed resp…

NIS2 implementation enters the final stretch – six months to deadline

Mark Young, Paul Maynard, and Aleksander Aleksiev of Covington and Burling write: In six months’ time, on 17 October 2024, Member State laws that transpose the EU’s revised Network and Information Systems Directive (“NIS2”) will start to apply. As des…

Cybersecurity firm suspects Russia-linked hacking group behind cyberattack on Texas water facility

Tom Olson reports: A hacking group with ties to the Russian government is suspected of carrying out a cyberattack in January that caused a tank at a Texas water facility to overflow, experts from US cybersecurity firm Mandiant said Wednesday. The attac…

Data allegedly from Change Healthcare ransomware attack raises more questions than answers (1)

UPDATE: Sometime earlier today, after my communication with RansomHub, they removed the April 15 update described in the post from their listing. It has now been replaced with a note: Change HealthCare – OPTUM Group – United HealthCare Gro…

Minneapolis therapy clinic sues over cyberattack at UnitedHealth subsidiary

Christopher Snowbeck reports on how the Change Healthcare attack has affected one clinic in Minnesota. His report provides a good illustration of the issues raised by a recent AMA survey of some physicians, reported here previously. From his reporting:…

Threat actors walked away from a $1.8 million offer because the victim talked to the media?!

A recent listing on LockBit’s leak site about Crinetics Pharmaceuticals seemed unusual. It included a disclaimer: “Those responsible for the exfiltration of data belonging to this victim have no association, indirect or direct, with the Loc…

Cyber Safety Review Board Releases Report on Microsoft Online Exchange Incident from Summer 2023

CSRB’s Third Review Focuses on Actions Microsoft, Other Cloud Providers, and the U.S. Government Should Take to Protect Cloud Customers WASHINGTON – Today, the U.S. Department of Homeland Security (DHS) released the Cyber Safety Review Board’s (CSRB) f…

Cybercriminals Abused Remote Desktop Protocol (RDP) in 90% of Attacks Handled by Sophos Incident Response in 2023

Some more analysis of 2023 breaches. Sophos reports that for more than 150 incident response (IR) cases it handled in 2023, cybercriminals abused remote desktop protocol (RDP) in 90% of attacks. This was the highest incidence of RDP abuse since Sophos …

Grassley, Wyden Probe Data Breach that Exposed 1.5 Million Organ Transplant Patients’ Sensitive Data

AJ Taylor reports: Sens. Chuck Grassley (R-Iowa) and Ron Wyden (D-Ore.) are holding the United Network for Organ Sharing (UNOS) accountable after a data breach allowed UNOS system users unauthorized access to over a million sensitive patient records. T…