Archives: Cybersecurity

Subscribe to Cybersecurity RSS Feed

Capital One Required to Produce Forensic Report in Class Action

As a litigator, when responding to any security incident, thoughtful consideration is given to the possibility that the security incident may wind up in litigation, and therefore, certain decisions are made in anticipation of that litigation. Without getting into the details of the legal doctrines of attorney-client privileges, work product doctrine, and in anticipation of … Continue Reading

Texas Court System Hit with Ransomware

The Office of Court Administration in Texas (OCA) confirmed late last week that it is the victim of a ransomware attack. The OCA stated that it would not pay the ransom. “OCA was able to catch the ransomware and limit its impact, and will not pay any ransom…Work continues to bring all judicial resources and … Continue Reading

Adult Streaming Site Leaves 7TB of Users’ Information Unsecured

Live adult streaming website CAM4 has reportedly not secured 7TB of users’ information, which may be able to be used for blackmail and identity theft purposes, according to researchers from Safety Detectives. According to reports, CAM4 users pay to watch live streamed explicit adult content from consenting amateur performers who film themselves and post the … Continue Reading

Shade Ransomware Group Shuts Down

Some good news in the ransomware world, which is so rare these days. The Shade (Troldesh) ransomware group has retired and is shutting down. When do you ever hear that a ransomware group is shutting down? According to reports, Shade has publicly announced that it is retiring (apparently it has made enough money to do … Continue Reading

Sodinokibi Hackers Switch Payment Mechanism to Monero

The hackers behind the Sodinokibi/REvil ransomware have reportedly switched their demands for payment from Bitcoin or Ethereum to Monero cryptocurrency to try to prevent law enforcement from tracking payments. The hackers reportedly advertised the switch in a posting to an online hacker and malware forum, and admitted that the switch from Bitcoin to Monero is … Continue Reading

FBI Issues Warning of Increased BEC During COVID-19 Pandemic

On April 6, 2020, the Federal Bureau of Investigation (FBI) issued a warning to companies to be aware of an increase in business email compromises (BEC) entitled “FBI Anticipates Rise in Business Email Compromise Schemes Related to the Covid-19 Pandemic.” Although BECs have been around for years, attackers are using the fact that many employees … Continue Reading

City of L.A. Email Blunder Exposes COVID-19 Test Results to All Recipients

Although email seems to be the preferred method of communication during the coronavirus pandemic, an error made by a City of Los Angeles employee is one to learn from and avoid repeat. Unfortunately, when emailing COVID-19 results to multiple individuals, instead of blind copying the recipients with the results, a staff member from the City … Continue Reading

Microsoft Issues Cybersecurity Risk Warning and Offers Help to Hospitals During COVID-19 Crisis

On April 1, 2020, Microsoft issued a specific warning to health care entities alerting them that they are at particular risk during the COVID-19 crisis, as threat actors are using the pandemic to take advantage of vulnerabilities while hospitals are focused on responding to the crisis. According to Microsoft “[D]uring this time of crisis, as … Continue Reading

COVID-19 Vaccine Test Lab Hit by Maze Ransomware

Despite the fact that the hackers behind Maze ransomware previously promised not to hit medical organizations during the coronavirus pandemic, it recently attacked a British medical lab that is slated to test COVID-19 vaccines during the pandemic. The Maze hackers previously said publicly that it would “stop all activity versus all kinds of medical organizations … Continue Reading

City of Durham, NC Hit With Ryuk Ransomware

Another city—Durham, North Carolina—has become the victim of a ransomware attack stemming from a Russian hacker group following a successful phishing scheme. After falling victim to the ransomware attack last weekend, the city shut down its network, including disabling access to the network by the Durham Police Department, the Sheriff’s Office and the communications center. … Continue Reading

Vegas Casinos Are “Cash Only” After Suspected Ransomware Attack

Two Las Vegas casinos’ networks were down over the past week, with posted signs saying “Cash Only” throughout the casinos after a suspected ransomware attack. Electronic slot machines were silent as the casinos reacted to the security incident. The Nevada State Gaming Control Board was aware of the situation and disclosed that it is monitoring … Continue Reading

Natural Gas Compressor Facility Shut Down After Ransomware Attack

The Department of Homeland Security (DHS) announced this week that a ransomware attack shut down a natural gas compressor facility for two days. While in the network, the attacker deployed software trying to “identify critical assets” before setting off the ransomware and in the process, may have also disabled detection processes in place to identify … Continue Reading

Privacy Tip #227 – Sextortion Ransomware

Criminal minds are creative, and new ransomware strains show just how creative cyber-attackers can be. A new strain of ransomware, dubbed Ransomwared, requests a different kind of payment from the victim than the typical bitcoin request. Instead of paying for the decryption of data, or to prevent cyber-attackers from releasing private photos they have obtained … Continue Reading

Ransomware Attacks Predicted to Occur Every 11 Seconds in 2021 with a Cost of $20 Billion

Confirming what we are seeing in the field, cybersecurity firm Cybersecurity Ventures has predicted that, globally, businesses in 2021 will fall victim to a ransomware attack every 11 seconds, down from every 14 seconds in 2019. That figure is based on historical cybercrime figures. It is estimated that the cost of ransomware to businesses will … Continue Reading

Frequency and Cost of Insider Threats Continue to Increase

The Ponemon Institute recently issued its 2020 Cost of insider Threats Global Report, which finds that the frequency and cost of insider threats is continued to increase. Sponsored by ObserveIT and IBM, the 2020 report is the third consecutive report that studies insider threats and their impact on businesses in terms of frequency, cost and … Continue Reading

Industrial Control Systems at Risk from Targeted Snake Malware

Researchers at Sentinel One and Dragos have detected malicious code, called EKANS or Snake, that has been designed specifically to target industrial control systems (ICS), including those of oil refineries, manufacturing sites, and electrical and power grids. Although there have been a few successful attacks against ICS in the past, including the destruction of a … Continue Reading

Cyber Criminals Using Coronavirus Concern to Assist with Intrusions

Concern over the spreading coronavirus from China is legitimate and real. The World Health Organization (WHO) has declared the coronavirus a global health emergency, and the United States and other countries are limiting travel of individuals from the affected areas in China. As we have seen with other public concerns, cyber criminals and threat actors … Continue Reading

Ransomware Attacks More Frequent and Recovery Efforts Extended in 2020

A new report published by Coveware concludes that companies hit with ransomware attacks spend an average of 16 days recovering from the attack. Think about being offline and unable to do business for 16 business days. It is extremely disruptive and costly. It takes larger organizations longer to recover than smaller ones, and larger organizations … Continue Reading

Crime-as-a-Service Targets Popular Platforms

It’s getting difficult to keep up with the jargon of all of the new digital scams. The SaaSes in the beginning became regular business terms, such as Software-as-a-Service (SaaS), and Business Processes-as-a-Service (BPaaS). But then the criminal enterprises came up with Malware-as-a-Service (MaaS), Ransomware-as-a-Service (RaaS) and now Crime-as-a-Service (CaaS). A new Crime-as-a-Service offering is targeting … Continue Reading

NIST Releases Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management

The National Institute of Standards and Technology (NIST) released its first privacy framework tool  (the Privacy Framework) on January 16, 2020. In the Executive Summary, NIST states that with the unprecedented flow of data of individuals through a complex digital ecosystem, individuals may not be able to understand the potential consequences for their privacy as they … Continue Reading

FBI Warns of Retaliatory Cyber-Attack from Iran

The Federal Bureau of Investigation (FBI) is warning of a heightened likelihood of Iranian cyber-attacks following the escalation of tension between the U.S. and Iran. This follows the warning last week by the Department of Homeland Security (DHS). The FBI and DHS issued a bulletin to law enforcement groups warning of potential physical and cyber-attacks … Continue Reading
LexBlog