Security Leftovers
-
International Business Times ☛ 2024-02-16 [Older] Israeli Startup KTrust Disrupts Kubernetes Security with Proactive Red Teaming Approach
-
Data Breaches ☛ Zalkin law firm settles suit by clients whose sex abuse details were hacked by BlackCat
The Zalkin Law Firm (“Zalkin”), a San Diego firm advocating for sexual abuse survivors nationwide, was sued in September after BlackCat gained access to the firm’s system and exfiltrated 523 clients’ personal information, including sexual abuse details. On their dark web leak site, the threat actors claimed to have exfiltrated 415.63 GB of sexual harassment lawsuit data, with all records, notes, evidence depositions, and personal information. When the law firm did not pay their demands, the threat actors reached out directly to clients. Ariana Deats, the named plaintiff, received an email from BlackCat informing her of the breach and that her records were in their possession.
According to the complaint, Zalkin reportedly became aware of the breach on April 6, but letters were not sent to those affected until September. Because BlackCat’s site was seized in December by law enforcement, DataBreaches was unable to check to confirm whether BlackCat had ever leaked all of the data they had claimed to have stolen.
-
School cyber incidents on Long Island: Reported cases rose sharply in 2023
Long Island schools saw a big increase in the number of reported computer hacks and other cyber incidents in 2023 compared to the prior year, and human error continued to be a major cause of exposing sensitive student information such as special education disabilities and disciplinary problems, records show.
Island schools suffered 35 cyber incidents last year, a bump of 52% from 23 the year before, according to state Education Department records obtained by Newsday via a Freedom of Information request. The numbers showed a continuing year-over-year trend of more reported incidents, as the 2022 figure represented twice as many as in 2021.
Many of these cyber troubles were self-inflicted.
-
Windows TCO
-
Cyble Inc ☛ Underrated Methods To Prevent Cyber Risk
This is why most organizations have invested significantly in trying to attack-proof their networks, relying on solutions that automate both threat detection and response. Automation solutions range from looking for known threats with known signatures to anomaly detection – looking for potential indicators of compromise from zero-day threats, where signatures have yet to be identified.
-
The Register UK ☛ LockBit extorted $1B+ from victims over four years
Although the cut taken by LockBit typically varies, around 20 percent of the total ransom fee is paid to the LockBit organization, while the affiliate who actually carried out the attack keeps the remainder.
It means the actual total sum of money extorted from victims stands to be considerably higher, deep into the hundreds of millions of dollars, according to the analysts at the South West Regional Organised Crime Unit and Chainalysis.
-
Krebs On Security ☛ FBI’s LockBit Takedown Postponed a Ticking Time Bomb in Fulton County, Ga.
The FBI’s takedown of the LockBit ransomware group last week came as LockBit was preparing to release sensitive data stolen from government computer systems in Fulton County, Ga. But LockBit is now regrouping, and the gang says it will publish the stolen Fulton County data on March 2 unless paid a ransom. LockBit claims the cache includes documents tied to the county’s ongoing criminal prosecution of former President Trump, but court watchers say teaser documents published by the crime gang suggest a total leak of the Fulton County data could put lives at risk and jeopardize a number of other criminal trials.
-