Windows Security Breaches and Data Abuse

posted by Roy Schestowitz on May 07, 2023,
updated May 07, 2023

• : ‘Ransomware cult’ claims to have hacked two local schools [Ed: Microsoft Windows TCO]

  Folders containing sensitive information were published on Twitter by a group claiming to have hacked into Socrates Academy in Matthews and Movement School.

  The hackers, which Queen City News has decided not to name, first posted proof of their hack, promising more to come if school officials didn’t cooperate.

• Big Game Hunting is back despite decreasing Ransom Payment Amounts [Ed: Microsoft Windows TCO]

  Midway through Q1 the winds of progress shifted, and we observed a material increase in attacks on large enterprises that achieved levels of impact that we had not observed since before the Colonial Pipeline attack in May 2021. In 2019 and 2020 it was fairly common to see large enterprises become completely paralyzed by ransomware encryption. This evolved in the quarters that followed the Pipeline attack. We highlighted the key reasons for ransom payment contraction last quarter, which focused on enterprises realizing a return on security & incident response training investments, law enforcement activity, and the compounding nature of contracting unit economics within the cyber extortion industry. These factors were countered by behavioral shifts from the threat actors towards more fluid operations. These we highlighted in Q2 2022, to show how ransomware actors were treading more lightly in response to better security and LE takedowns.

• A rough year: first a ransomware attack, then a credential stuffing attack affecting more than 1 million patients.

  On April 28, NextGen submitted a breach notification to the Montana Attorney General’s Office. Thinking it would be a report linked to the ransomware attack by AlphV (BlackCat) in January, DataBreaches prepared to write an update.

• New York AG Releases Guide for Businesses on Effective Data Security

  As noted in a prior post, New York’s Attorney General (“NYAG”) has made enforcement of the New York SHIELD Act an enforcement priority. The SHIELD Act requires organizations handling personal information related to New York residents to maintain reasonable safeguards to protect that information. Maintaining its focus on this area, the NYAG recently released a guide to help organizations strengthen their data security programs and “to put [them] on notice that they must take their data security obligations seriously, and at a minimum, take the reasonable steps outlined” in the NYAG’s guide (the “Guide”).

  The Guide is based on the NYAG’s experiences in investigating and prosecuting organizations in the wake of data incidents. It states that the NYAG received 4,000 data breach notifications in 2022 and penalized organizations millions of dollars for failing to comply with their data security obligations.

  In the Guide, the NYAG recommends action in nine areas.

• Two class action lawsuits against home healthcare providers get preliminary settlement approval

• Fairfax County Public Schools breach exposed sensitve student information

  Fairfax County Public Schools (FCPS) has had numerous breaches in the past 15 years, including one ransomware incident that affected more than 170,000 former and current employees and students. Here’s a recent incident that just showed up on a state attorney general’s website.

More more bits of FUD:

• Russians weaponise WinRAR to attack Ukraine [Ed: No, they weaponise Microsoft Windows]

  Ukrainian state networks have fallen victim to data wiping by Russian state-sponsored hackers, who erased data after exploiting VPNs and using malware abusing the common [Windows program]...

• CrowdStrike focuses on ChromeOS security, rising cloud threats [Ed: CrowdStrike is a Microsoft proxy; it won't expose Windows for the security hoax that it is]

• Does macOS need third-party antivirus in the enterprise? [Ed: Distracting from the principal culprit, Windows, which is designed to be remotely accessible by unauthorised parties]

  Macs are known for their security, but that doesn't mean they're safe from viruses and other threats. IT teams can look into third-party antivirus tools to bolster macOS security.

• The pros and cons of VPNs for enterprises [Ed: VPNs are not security but a mask for systems that are designed with back doors]