The Dark Overlord has, as the group promised or threatened, released documents it claims it hacked from real estate and insurance companies. The group says the firms engaged in a far-fetched conspiracy to stage the 9/11 attacks. They've offered to sell the documents (for Bitcoin, of course), but so far the teasers they've posted to Pastebin seem for the most part to be old stuff recycled from earlier breaches (Naked Security). Need we add that the files don't remotely add up to evidence of much of anything, still less a 9/11 conspiracy? The Dark Overlord's posts have been fairly quickly removed from Pastebin, and Twitter has also blocked at least one account that was hawking the Overlord's wares.
It's become increasingly clear that the malware involved in the weekend's attack against US newspaper printing plants was a Ryuk variant (SecurityWeek). Ryuk has appeared in a number of extortion campaigns before, and it's said to be well adapted for tailoring against specific targets and their high-value business processes. Check Point calls Ryuk "artisanal" as opposed to "commodity" malware. In this attack, Check Point says it's seen little evidence of automatic propagation capability, which suggests some significant preliminary preparation by the attackers (Government Technology). Attribution remains unclear. Those willing to speculate cite mostly circumstantial code similarities to past attacks.
Australian media are claiming the first big breach of 2019 for Oz: a major, phishing-induced breach has exposed information on tens of thousands of government workers in the state of Victoria (Computer Business Review).