'Ransomware Is Quickly Becoming a National Emergency' Amid Pandemic: CISA Acting Director Testifies (The Sociable) "Ransomware is quickly becoming a national emergency" amid the pandemic, CISA Acting Director Brandon Wales testifies in a Senate hearing.
Black Shadow Hackers Demand 200 BTC Ransom from Israeli Insurance Giant Shirbit (Bitcoin News) One of the largest insurance companies in Israel has been hit by a ransomware attack, and the threat actors started to release sensitive data, as the firm
‘Ideological cyber terror’: Israeli firm refuses to pay hackers’ ransom (Haaretz) Shirbit insurance insists the attack's motive is strategic and not financial; sensitive information dumped on internet after ransom deadline passes
‘Be a mensch’: Hackers leak negotiation texts as Israeli insurer refuses ransom (Times of Israel) Cybercriminals release sensitive data as Shirbit laments 'terrorism,' claims attack is meant to cause strategic harm with no financial motive; talks appear to show otherwise
Shirbit hackers release more data as company refuses to pay ransom (The Jerusalem Post) Medical information, checks and pay stubs were among the customer information released.
Cyber authority to victims post-Shirbit hack: Get new identity cards (The Jerusalem Post) Check Point: Major spike in cyberattacks on Israeli companies
Who's behind this week’s massive cyberattack – and why Israel should worry (Haaretz) Amateurs or a foreign state? Cyber-criminals or hacktivists? Here’s everything you need to know about the ‘anti-Israel’ cyberattack on Shirbit insurance
The Shirbit hack was a warning (Israel Hayom) If you think the ongoing cyberattack on the Shirbit insurance agency was bad, just wait until the black hats break into your city's databases. They're bound to find a treasure trove of even more sensitive information.
DeathStalker APT group seen in US for first time this year, targeting user devices (SC Media) Kaspersky researchers reported that the attack featured a new strain of malware centered around a backdoor that aims to take over user devices.
Hacker-for-Hire Group DeathStalker Implements New Malware (BankInfo Security) The hacker-for-hire group DeathStalker, known for conducting espionage campaigns against small and medium-sized businesses, has started using a new malware strain
Kaspersky catches hacker-for-hire group using 'PowerPepper' malware (CyberScoop) The hack-for-hire business is thriving. Following the revelation in November that a new mercenary group had targeted organizations in South Asia, researchers on Thursday outlined how another suspected hack-for-hire shop has used malicious code to try to breach organizations in Europe and the Americas.
Android apps with 200 million installs vulnerable to security bug (BleepingComputer) Android apps with over 250 million downloads are still susceptible to a severe vulnerability in a Google library that was patched in August 2020.
This ‘Magical Bug’ Exposed Any iPhone in a Hacker's Wi-Fi Range (Wired) A Google researcher found flaws in Apple's AWDL protocol that would have allowed for a complete device takeover.
Novel Online Shopping Malware Hides in Social-Media Buttons (Threatpost) The skimmer steals credit-card data, using steganography to hide in plain sight in seemingly benign images.
Dental clinic learns of ransomware attack after phone call from hackers (HackRead) The ransomware attack was carried out by the Conti ransomware operator in November 2020.
Ransomware gangs are now cold-calling victims if they restore from backups without paying (ZDNet) Tactic used since August by ransomware gangs like Sekhmet, Maze, Conti, and Ryuk.
Ransomware hits helicopter maker Kopter (ZDNet) Data from Kopter's internal network has been published on the LockBit gang's blog, hosted on the dark web.
3 Million Pluto TV Users' Data Was Hacked, But the Company Isn't Telling Them (Vice) The data includes email addresses, IP addresses, and hashed passwords.
Ransomware Incident Impacts Greater Baltimore Medical Center Computer Systems (WJZ CBS13) The Greater Baltimore Medical Center confirmed Sunday evening they detected a ransomware incident that brought some of their systems down earlier Sunday.
GBMC Health Care reschedules some procedures because of IT systems outage, ‘ransomware incident’ (Baltimore Sun) Greater Baltimore Medical Center says it learned Sunday morning that GBMC HealthCare’s information technology systems experienced a “network disruption.”
Same Ransomware That Hit K-Mart Disrupts Mass Transit Service In Vancouver (Forbes) It’s been a busy week for the cybercriminals behind the devastating Egregor ransomware.
Kmart’s Troubles Worsen As Struggling Retailer Falls Victim To Ransomware (Forbes) US department store Kmart, which is already battling widespread store closures, has been hit by a ransomware attack that has knocked out the retailer’s back-end services.
Ransomware halts classes for 115,000 Baltimore pupils (BBC News) Baltimore County public schools shut after a cyber-attack knocks lessons offline.
Huntsville City Schools returning to class Monday after cyber attack (WAAY News) Huntsville City Schools will return to classes on Monday after a cyber attack sent students home earlier this week.
Cyber Attack Investigation Could be Lengthy (WAAY News) WAAY-31's Sophia Borrelli discusses the impact that a cyber attack has had on the Huntsville City School Systems and how it affects virtual learning.
Springfield Schools offering free credit monitoring following cyber attack (WesternMassNews.com) A cyber attack targeting Springfield Public Schools a couple months ago now has school leaders taking action.
Firm that built NHS Nightingale Hospital hit by cyber attack (BirminghamLive) The impact from the attack on RMD Kwikform's operations is not yet known
U.S. seeks up to 6 months of prison time for ex-FBI lawyer who pleaded guilty to altering email in Russia probe (Washington Post) U.S. prosecutors Thursday called for a prison term of up to six months for a former FBI lawyer who altered an email the bureau relied on to seek court authorization to surveil former Trump campaign adviser Carter Page during the investigation of Russian interference in the 2016 election.
Amazon Needn't Supply Docs In Capital One Breach Suit (Law360) A Virginia federal judge on Friday partially denied Capital One customers' push for Amazon to fork over documents and materials related to a massive data security breach that allegedly affected more than 100 million of its customers in the U.S., calling their requests "overbroad" and "not appropriate."
Panera Hit With Ill. Biometric Privacy Lawsuit (Law360) Panera LLC broke Illinois' landmark biometric privacy law when it required employees to scan their fingerprints without first getting written permission or providing required information, according to a putative class action filed in Illinois state court Thursday.
Opinion | The Children of Pornhub (New York Times) Why does Canada allow this company to profit off videos of exploitation and assault?
Mastercard to investigate allegations against Pornhub (Reuters) Mastercard Inc said on Sunday it was investigating allegations against Pornhub.com following a newspaper column which said many videos posted on the adult website depicted child abuse.
E.U. Privacy Rule Would Rein In the Hunt for Online Child Sexual Abuse (New York Times) Regulators argue that while abuse imagery on the internet is abhorrent, unchecked scanning for it by tech companies could violate privacy rights. A showdown looms.