BreachExchange Mailing List

BreachExchange focuses on all things data breach. Topics include actual data breaches, cyber insurance, risk management, metrics and more. This archive includes its predecessor, the Data Loss news and discussion lists.

List Archives

Latest Posts

State of Ransomware shows huge growth in threat and impacts Matthew Wheeler (May 04)
https://www.continuitycentral.com/index.php/news/technology/7275-state-of-ransomware-shows-huge-growth-in-threat-and-impacts

Sophos has released its annual survey and review of real-world ransomware
experiences in its ‘State of Ransomware 2022’ report. This shows that 66
percent of organizations surveyed were hit with ransomware in 2021, up from
37 percent in 2020.

The average ransom paid by organizations that had data encrypted in their...

New Hacker Group Pursuing Corporate Employees Focused on Mergers and Acquisitions Matthew Wheeler (May 04)
https://thehackernews.com/2022/05/new-hacker-group-pursuing-corporate.html

A newly discovered suspected espionage threat actor has been targeting
employees focusing on mergers and acquisitions as well as large corporate
transactions to facilitate bulk email collection from victim environments.

Mandiant is tracking the activity cluster under the uncategorized moniker
UNC3524, citing a lack of evidence linking it to an existing group.
However,...

Fourth Circuit Holds Statements About Importance of Data Security Not Actionable Matthew Wheeler (May 04)
https://www.insideclassactions.com/2022/04/29/fourth-circuit-holds-statements-about-importance-of-data-security-not-actionable/

The Fourth Circuit’s opinion last week in In re Marriott International,
Inc., — F.4th —-, No. 21-1802 (4th Cir. Apr. 21, 2022), could prove useful
to companies facing data breach class actions. Following a data breach of
the Starwood guest reservation system, Marriott investors brought
securities claims alleging...

Experts warn that Hive ransomware gang can detect unpatched servers Matthew Wheeler (Apr 26)
https://venturebeat.com/2022/04/25/experts-warn-that-hive-ransomware-attackers-can-detect-unpatched-servers/

The Hive threat group has been targeting organizations across the finance,
energy and healthcare sectors as part of coordinated ransomware attacks
since June 2021.

During the attacks, the group exploits ProxyShell vulnerabilities in MSFT
Exchange servers to remotely execute arbitrary commands and encrypt the
data of companies with this...

Iranian Hacking Group Among Those Exploiting Recently Disclosed VMWare RCE Flaw Matthew Wheeler (Apr 26)
https://www.darkreading.com/attacks-breaches/-iranian-group-among-those-exploiting-recently-disclosed-rce-flaw-in-vmware

An Iranian cyber espionage group that some vendors track as Rocket Kitten
has begun exploiting a recently patched critical vulnerability in VMWare
Workspace ONE Access/Identity Manager technology to deliver the Core Impact
penetration testing tool on vulnerable systems.

VMWare disclosed the remote code execution vulnerability...

Inside a ransomware incident: How a single mistake left a door open for attackers Matthew Wheeler (Apr 26)
https://www.zdnet.com/article/inside-a-ransomware-incident-how-a-single-mistake-left-a-door-open-for-attackers/

A security vulnerability that was left unpatched for three years allowed a
notorious cyber-criminal gang to breach a network and plant ransomware.

The BlackCat ransomware attack against the undisclosed organization took
place in March 2022 and has been detailed by cybersecurity researchers at
Forescout who investigated the incident....

FBI: This ransomware written in the Rust programming language has hit at least 60 targets Matthew Wheeler (Apr 26)
https://www.zdnet.com/article/fbi-this-ransomware-written-in-the-rust-programming-language-has-hit-at-least-60-targets/

The BlackCat ransomware gang has claimed at least 60 victims worldwide.

Written by Liam Tung, Contributor

on April 25, 2022 | Topic: Security

The BlackCat ransomware gang, known for being the first to use ransomware
written in the Rust programming language, has compromised at least 60
organizations worldwide since March...

FBI Shares Information on BlackCat Ransomware Attacks Matthew Wheeler (Apr 22)
https://www.securityweek.com/fbi-shares-information-blackcat-ransomware-attacks

The Federal Bureau of Investigation (FBI) this week published indicators of
compromise (IOCs) associated with the BlackCat Ransomware-as-a-Service
(RaaS).

Initially observed in November 2021 and also tracked as ALPHV and Noberus,
BlackCat is the first ransomware family to be written in the Rust
programming language.

As of March 2022, BlackCat had successfully...

Denonia Malware Shows Evolving Cloud Threats Matthew Wheeler (Apr 22)
https://www.darkreading.com/omdia/denonia-malware-shows-evolving-cloud-threats

Cloud security is constantly evolving and consistently different than
defending on-premises assets. Denonia, a recently discovered serverless
cryptominer drives home the point.

One of the more important points to get across when addressing cloud
security is to make it clear to all involved that cloud security is not
only different, but that it keeps evolving. If...

LemonDuck botnet plunders Docker cloud instances in cryptocurrency crime wave Matthew Wheeler (Apr 22)
https://www.zdnet.com/article/lemonduck-botnet-plunders-docker-cloud-instances-in-cryptocurrency-crime-wave/

Operators of the LemonDuck botnet are targeting Docker instances in a
cryptocurrency mining campaign.

LemonDuck is cryptocurrency mining malware wrapped up in a botnet
structure. The malware exploits older vulnerabilities to infiltrate cloud
systems and servers, including the Microsoft Exchange ProxyLogon bugs,
EternalBlue, and BlueKeep....

Conn. Senate Passes Sweeping Data Privacy Legislation Matthew Wheeler (Apr 22)
https://www.govtech.com/policy/conn-senate-passes-sweeping-data-privacy-legislation

(TNS) — A wide-ranging data privacy bill that would create rights for
consumers and responsibilities for businesses and Internet carriers who
have become used to harvesting — and sometimes misusing or misplacing —
data, was unanimously approved by the state Senate on Wednesday.

If approved by the House of Representatives and signed into law by Gov. Ned...

Scraping data from websites is not hacking or a crime, rules Appeals Court in US Matthew Wheeler (Apr 19)
https://www.neowin.net/news/scraping-data-from-websites-is-not-hacking-or-a-crime-rules-appeals-court-in-us/

The Ninth Circuit Court of Appeals may have set an important precedent in
the tech world. The court has essentially concluded that “Data Scraping” is
not hacking. Hence, it might not be illegal to scrape data from websites,
and social media platforms, unless there are defensive technologies in
place.

After listening to the arguments...

Biden urged to consider federal digital identity framework Matthew Wheeler (Apr 19)
https://www.biometricupdate.com/202204/biden-urged-to-consider-federal-digital-identity-framework

United States President Joe Biden has been advised to consider putting in
place a nationwide digital identity framework as one of four proposed
measures experts believe will help fight identity theft in the country.

In a letter spotted by GovInfoSecurity, addressed to Biden by identity
security experts and posted to Twitter, the President has been...

Cybersecurity experts warn of ransomware attacks targeting small businesses Matthew Wheeler (Apr 19)
https://fox59.com/news/national-world/ransomware-attacks-targeting-small-businesses/

INDIANAPOLIS — Ransomware attacks are on the rise, according to the FBI’s
Internet Crime Complaint Center. The latest numbers show increases across
the board from the number of incidents to the amount of money bad actors
are demanding to the number of reports made.

Unfortunately, cybersecurity experts say small businesses are being
increasingly targeted....

9 Steps Necessary for Infrastructure Security Matthew Wheeler (Apr 19)
https://www.hackread.com/9-steps-necessary-for-infrastructure-security/

The ever-present threat of cyber security attacks has made IT
infrastructure security a priority for most businesses. Cybercriminals are
nowadays using bots to troll the internet for vulnerabilities.

IT security is of utmost importance in this current age due to the move to
employees working from home (WFH) and services being provided through cloud
technology. Security...

More Lists

Dozens of other network security lists are archived at SecLists.Org.