Collaborate Disseminate
Bill Toulas reports: A threat actor announced on a cybercrime forum that they sold the source code and a cracked version of the Zeppelin ransomware builder for just $500. The post was spotted by threat intelligence company KELA and while the legitimacy… Continue reading Zeppelin ransomware source code sold for $500 on hacking forum
Insurance Journal reports: Merck & Co. Inc. has reportedly reached a deal with insurers over a closely-watched coverage dispute related to a massive cyberattack in 2017. The New Jersey Supreme Court in July 2023 agreed to hear the case after a stat… Continue reading Merck Settles Coverage Dispute With Insurers Over War Exclusion in NotPetya Attack
As incident response and public relations go, blaming victims for your breach is generally not an impressive strategy. Michael Edgar reports that 23andMe seems to be doing exactly that: Months after the San Francisco based company experienced a data b… Continue reading 23andMe Says Breach Victims Are to Blame, Legal Action is Futile
Nona Tepper reports: Two former UnitedHealth Group executives allegedly took trade secrets with them on the way out the door and used the information to found a pair of diabetes management startups, the conglomerate claims in a federal lawsuit. UnitedH… Continue reading UnitedHealth alleges trade secret theft by ex-execs
Data analyses and commentary by Emsisoft begins: “From 2016 to 2021, we estimate that ransomware attacks killed between 42 and 67 Medicare patients.” — McGlave, Neprash, and Nikpay; University of Minnesota School of Public Health1 In 2023, the U.S. was… Continue reading The State of Ransomware in the U.S.: Report and Statistics 2023
Boris Lairn reports: Today, on December 27, 2023, we (Boris Larin, Leonid Bezvershenko, and Georgy Kucherin) delivered a presentation, titled, “Operation Triangulation: What You Get When Attack iPhones of Researchers”, at the 37th Chaos Communication C… Continue reading Operation Triangulation: The last (hardware) mystery
On August 1, DataBreaches noticed that Parathon by JDA e-Health had been listed on the Akira ransomware leak site. Neither Akira nor Parathon responded to DataBreaches’ inquiries at the time, as DataBreaches reported on August 6. On October 30, P… Continue reading Parathon by JDA e-Health: what we still don’t know about their July ransomware incident
Lawrence Abrams reports: Researchers have created a decryptor that exploits a flaw in Black Basta ransomware, allowing victims to recover their files for free. The decryptor allows Black Basta victims from November 2022 to this month to potentially rec… Continue reading New Black Basta decryptor exploits ransomware flaw to recover files encrypted between November 2022 earlier this month
Daryna Antoniuk reports: Pro-Palestinian hackers say they breached dozens of Israeli entities amid the ongoing war in Gaza, which has also extended into cyberspace. A group calling itself Cyber Toufan said it launched an operation against Israel at the… Continue reading Pro-Palestinian operation claims dozens of data breaches against Israeli firms
Conor James reports: When AlphV/BlackCat’s website went dark this month, it was like Chrimbo came early for cybersecurity defenders, some of whom seemingly believed law enforcement had busted one of the most menacing cyber criminal crews. The exc… Continue reading Cyber sleuths reveal how they infiltrate the biggest ransomware gangs