Congratulations to @zackwhittaker for 6 years of incredible newsletters! Absolutely one of my must reads every Sunday (except next Sunday)!

Decreasing #ransomware attacks: two strategies to consider:

https://databreaches.net/decreasing-ransomware-attacks-two-strategies-to-consider/

See what you think.

N.B. My site continues to be under attempted massive #DDoS attacks. This post probably won't help me, but screw it. :)

@brett @allan @GossiTheDog @euroinfosec @campuscodi

So now there's a seizure notice on the newer AlphV leak site onion. But is it real or did AlphV just copy/paste the first one to the new site as part of an exit scam?

There has been no press release from DOJ. For now, I'm thinking this is a fake. Prove me wrong.

Updated: Some proof has been provided that it's fake:
https://mastodon.social/@campuscodi/112043484597862876

@brett @briankrebs @allan
#Alphv #Exit #ransomware

#AlphV #BlackCat has confirmed to me that they are responsible for the Change Healthcare #databreach that is having major impact on pharmacies and hospitals throughout the country.

https://www.databreaches.net/yes-change-healthcare-breach-was-us-blackcat/

#infosec #healthsec #ransomware

@brett @allan @BleepingComputer @carlypage @Reuters

@potatogunkelly @howelloneill I also use Protonmail for everything. I like the privacy aspect, and the interface is really nice (or, I am just really used to it).

@spiegelmama thank you for sharing and appreciate the support!

If the purpose of a substitute notice under #HIPAA is to reach people the covered entity may not have sufficient or current contact information for, then burying the notice on the very bottom of the homepage and calling it a “privacy update” as if it is an update to the privacy policy is misleading at best.

Yesterday, I reported on a data breach disclosure by HMG Healthcare. You can read more here:

https://www.databreaches.net/hmg-healthcare-notifies-employees-and-residents-of-cyberattack/

#databreach #HealthSec #cybersecurity #infosec #transparency #disclosure

@brett @allan

@brett @PogoWasRight no, it hasn’t shown up anywhere I follow.

A new ~this week in security~ is now out:

• FTC says Ring snooped on customer videos
• Kaspersky staff hacked with unknown iOS malware
• Gigabyte motherboard sold with firmware backdoors
• Hackers exploiting MOVEit transfer tool zero-day
• Toyota apologizes for a new customer data leak
• Two huge healthcare data breaches
• A brand new cyber cat

Sign up: https://this.weekinsecurity.com/

Read online: https://mailchi.mp/zackwhittaker/this-week-in-security-june-4-2023-edition

@PogoWasRight @akmartinez @brett @briankrebs @lawrenceabrams @campuscodi
And, just because you paid for the decryptor doesn’t mean those other costs go away. You still have to do forensic analysis and the restore costs are still expensive. So, you have the original costs plus the cost of the ransom.

@PogoWasRight @brett @Checkpoint @swidup

The Cl0p numbers throw things off a bit, because those leaks were really fast, but I think in general you are correct.

@PogoWasRight @brett @BleepingComputer @lawrenceabrams @aj_vicens @carlypage
Really weird. Anyone want to ask them?

Like to see this proactive work on the part of the US government to combat ransowmare.

https://therecord.media/us-finds-its-center-of-gravity-in-the-fight-against-ransomware/

@jerry wow, that is beautiful!

New, by me: Meet Xnspy, a little-known stalkerware app that has compromised tens of thousands of iPhones and Android devices worldwide. Xnspy's developers kept a low profile, but data seen by TechCrunch links the stalkerware to a Lahore-based startup called Konext.

More: https://techcrunch.com/2022/12/12/xnspy-stalkerware-iphone-android/

While numbers on extortion sites are down, that doesn’t mean that ransomware attacks are down. But, still an interesting trend to watch.

https://therecord.media/ransomware-tracker-the-latest-figures/