LATEST POST
MGM Resorts Update: ALPHV’s statement about the breach, incident response, and fake news
It’s not unusual for ransomware groups to comment on a victim’s incident response in a negative way. Nor is it unusual for these groups to carefully monitor media coverage. It is somewhat unusual, though, for a major group to get so angry at researchers or news outlets that they actually call them all out by […]
Insurance Carrier Caught Red-Handed in Fingerprints Retention Case
In the matter of Remprex, LLC v. Certain Underwriters at Lloyd’s London, policyholder Remprex was thrust into two separate class actions, both involving alleged violations of the Biometric Information Privacy Act (“BIPA”). Remprex could not receive coverage under their media liability policy due to an exclusion of coverage for losses arising from the unlawful collection or […]
CrelioHealth leak exposed 28M+ patient records
Human error in configuring data storage continues to result in massive leaks or potential leaks of personal and sensitive health data. In today’s news, we learned that CrelioHealth left an Elasticsearch cluster exposed. Luckily for them, it was a whitehat researcher, Bob Diachenko of SecurityDiscovery, who spotted the problem and contacted them to alert them. […]
Some municipal court systems using REJIS report suspending services due to “security incident”
The Regional Justice Information System (REJIS) is used by court systems to support docket functions and certain scheduling functions such as the release of prisoners. REJIS is a government commission that provides services to criminal justice departments across Missouri as well as in Illinois and Kansas. On Monday, Louis County (Missouri), Kansas City (Missouri), Kansas […]
Facebook Messenger phishing wave targets 100K business accounts per week
Hackers use a massive network of fake and compromised Facebook accounts to send out millions of Messenger phishing messages to target Facebook business accounts with password-stealing malware. The attackers trick the targets into downloading a RAR/ZIP archive containing a downloader for an evasive Python-based stealer that grabs cookies and passwords stored in the victim’s browser. […]
Save the Children hit by BianLian extortionist gang
BianLian, previously known as a ransomware gang but more recently known for not bothering with encryption but just hacking and exfiltrating data, has reportedly attacked Save the Children, a well-known non-profit. While BianLian did not name the charity (they obfuscate their victims’ names while they are still hoping to get paid), their description of the […]
MGM Resorts Dealing With Significant Cyberattack (Update 3)
Hotel and casino operator MGM Resorts is dealing with a cyberattack that has somewhat sent it back into the digital dark ages at multiple properties and locations. On September 11, MGM Resorts posted a statement on its Twitter account confirming that it was dealing with what it described as a cybersecurity incident. They did not […]
So you paid the attackers to get your data back? Sit down, because we have something sad to tell you.
Victims unfortunate enough to have been hit with a ransomware attack that either lock all their data and backups or delete it all and demand payment to get data back are often given assurances that not only will they get a decryption key if their data was locked, but the attackers stand ready to promptly […]