Cybersecurity

Subscribe to Cybersecurity

Coveware issued its Q1 2021 Ransomware Report on April 26, 2021, which concludes that “[D]ata exfiltration extortion continues to be prevalent and we have reached an inflection point where the vast majority of ransomware attacks now include the theft of corporate data.”

The Report states that the average ransom payment increased 43 percent from $154,108

Pennsylvania Governor Tom Wolf announced this week that the Commonwealth will not continue to do business with its contact tracing vendor following a security incident that potentially exposed the personal information of approximately 72,000 residents collected for the Department of Health’s (DoH) contact tracing program.

According to the (DoH), employees of the vendor created documents

Eversource Energy, which is the largest energy supplier in New England with 4.3 million customers in Connecticut, Massachusetts, and New Hampshire, is notifying customers that their personal information was compromised on an unsecured cloud server.

The personal information that was compromised includes names, addresses, telephone numbers, Social Security numbers, services addresses, and account numbers. The

The Associated Press has reported that the Metropolitan Washington, D.C. police department has been the victim of a hacking incident for which the Russian-based ransomware group Babuk is claiming responsibility. According to the department, the FBI is investigating the incident.

It is reported that the department’s police operations were not affected. Babuk claims that it

The National Security Agency (NSA) recently issued a warning to private industry about four zero-day vulnerabilities in Microsoft Exchange Server versions 2013, 2016, and 2019 used on-premises. The NSA recommends immediate patching of the vulnerabilities before they are exploited by threat actors.

The vulnerabilities could lead to remote execution of code that would allow threat

The Houston Rockets NBA basketball franchise recently announced that it is investigating a ransomware attack that was partially prevented by internal security tools. According to the team, “unknown actors attempted to install ransomware on certain internal systems at the Rockets. However, our internal security tools prevented ransomware from being installed except for a few systems

The New York Department of Financial Services (NYDFS) has settled alleged violations of the Department’s strict cybersecurity regulations with National Securities Corp. (NSC) for $3 million, regarding four separate cybersecurity events suffered by it and its affiliate National Asset Management, Inc. (NAM) between April 3, 2018 and April 30, 2020.

The Consent Order reports that

The Federal Bureau of Investigations (FBI) recently issued a joint alert with the Department of Homeland Security/Cybersecurity Infrastructure and Security Agency (CISA) that “Mamba ransomware has been deployed against local governments, public transportation agencies, legal services, technology services, industrial, commercial, manufacturing, and construction businesses.”

According to the Alert, the hacking group behind the Mamba ransomware

Applus Technologies, Inc., a vendor of multiple state Departments of Motor Vehicles that assists states with vehicle inspections, recently announced that its systems have been affected by malware, disrupting motor vehicle inspections in Connecticut, Georgia, Idaho, Illinois, Massachusetts, New York, Texas, and Utah. As a result of the outage, vehicle inspections have not been able