Governments may not want hacking victims to negotiate with threat actors or pay ransom, but the founder of a hacked crypto exchange is offering the hacker(s) a reward if they return what they stole. The Register reports: The founder of the Poloniex has offered to pay off thieves who drained an estimated $120 million of […]
Reuters reports: Global regulators and bond traders were on Friday trying to gauge the impact of a ransomware attack on the Industrial and Commercial Bank of China (ICBC), China’s biggest bank, that disrupted trades in the vital U.S. Treasuries market this week. ICBC’s U.S. arm was hit on Thursday in the latest of a string of ransomware […]
Engadget reports: The state agencies of Maine had fallen victim to cybercriminals who exploited a vulnerability in the MOVEit file transfer tool, making them the latest addition to the growing list of entities affected by the massive hack involving the software. In a notice the government has published about the cybersecurity incident, it said the event impacted […]
Bleeping Computer reports: Threat actors are exploiting a zero-day vulnerability in the service management software SysAid to gain access to corporate servers for data theft and to deploy Clop ransomware. SysAid is a comprehensive IT Service Management (ITSM) solution that provides a suite of tools for managing various IT services within an organization. The Clop ransomware is notorious […]
New York State continues to strengthen cybersecurity regulations for financial institutions. New amendments to the Cybersecurity Regulation enacted in 2017 strengthen the regulation and add new security obligations. As Hunton Andrews Kurth summarizes it, “The new amendments strengthen the initial framework and require NYDFS-regulated entities to adhere to a number of additional prescriptive data security […]
CyberNews reports: Sun Life data was exposed after MOVEit hackers breached Pension Benefit Information (PBI), jeopardizing hundreds of thousands of individuals. Sun Life, a financial services company managing a trillion dollars worth of assets, informed the Maine Attorney General that a third-party breach had impacted 212,129 individuals. Earlier this year, the company was impacted by […]
Bloomberg reports: New York regulators assigned heightened cybersecurity requirements to banks, insurers, and financial services providers based in the state with the release of finalized rule amendments Wednesday. Covered entities will have to use multifactor authentication, expand cybersecurity governance duties, and conduct consistent threat testing under the regulation updated by the New York Department of Financial Services. […]
The Hill reports: The U.S. sued a software company targeted in a massive Russian cyber espionage campaign Monday. The Securities and Exchange Commission (SEC) suit against Texas-based SolarWinds is seeking civil penalties, reimbursement of “ill-gotten gains” and the removal of the company’s top security executive, Tim Brown, according to The Associated Press. “We allege that, for years, […]
Eric Geller reports: The Biden administration and dozens of foreign allies will pledge this week never to pay ransoms to hackers who lock up their national governments’ computer systems, hoping to discourage financially motivated cyber criminals from seeing those systems as attractive ransomware targets. The joint promise will occur as part of the third annual […]
International Counter Ransomware Initiative 2023 Joint Statement
Released by the White House, November 2, 2023 The 50 members of the International Counter Ransomware Initiative (CRI)—Albania, Australia, Austria, Belgium, Brazil, Bulgaria, Canada, Colombia, Costa Rica, Croatia, the Czech Republic, the Dominican Republic, Egypt, Estonia, the European Union, France, Germany, Greece, India, INTERPOL, Ireland, Israel, Italy, Japan, Jordan, Kenya, Lithuania, Mexico, the Netherlands, New […]