Government advisories have informed entities and the public that paying ransomware gangs to get a decryptor key is no guarantee that you will get the decryptor key, or even if you get one, that none of the files will have been corrupted. Here’s a more striking reason not to consider paying for a decryptor: one…
UPDATED: DMCA notice to SuspectFile is refuted, but it never should have happened (2)
Update 1: After a post by SuspectFile about a DMCA threat was published on his blog and noted by Valery Rieß-Marchive on LinkedIn, The Hacker Network posted this in reply to Valery’s post: Wait… what? That doesn’t sound right. Please note that no law firm or external service represents THN. Moreover, we’ve never issued a…
OIG audit of hospital’s cybersecurity finds vulnerabilities in common web applications
Chad van Alstin reports: The U.S. Department of Health and Human Services Office of the Inspector General (OIG) released a report focused on a “large Southeastern hospital” that the agency said had security vulnerabilities that could be vectors for a cyberattack. The unnamed hospital, according to the OIG, would have difficulty detecting a data breach…
Berlin hospitals threatened by spate of attacks
Helen Whittle reports: The Berlin Hospital Association (BKG) has issued a warning describing a spate of seemingly “inexplicable incidents” at hospitals and healthcare facilities in the capital. These range from drone incursions over hospital grounds and cyberattacks to forced entry and arson. The BKG says that Germany’s security and intelligence services classify at least some of these attacks…
Two Ivy League universities had donor information breaches. Will donors be notified?
Harvard University and the University of Pennsylvania (UPenn) have more in common than just being Ivy League universities. Both suffered data breaches involving donor information, and their stolen data was leaked. Harvard On November 18, Harvard discovered that its Alumni Affairs and Development information had been attacked as a result of a phone-based phishing attack….
Don’t panic: 0apt’s listings and data leaks are fakes — Researchers
If you noticed a lot of dark web leak site listings by a new group, 0apt, and have been concerned about whether they might be a dangerous and prolific group, the DataBreach[.]com team (no relationship to DataBreaches[.]net) has a reassuring message for you: the listings and data leaks are fake and a waste of your…