The Russia-linked cybercrime gang thought to be behind a hack that has impacted companies around the world has posted a message to its corporate victims.
In short, firms affected by the MOVEit hack are being told to contact the Cl0p ransomware group before June 14, or face the consequences.
13 years jail for spoofing scammer, a rogue IT security expert’s Bitcoin blackmail goes wrong, and Facebook’s eyewatering GDPR fine may be only the beginning of its problems.
All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by the Imposter Syndrome Network podcast’s Zoë Rose.
Yes, you should be worried about the threat posed by external hackers. But also consider the internal threat posed by insiders and rogue employees - the people you have entrusted to act responsibly with the data of your company and your customers.
Read more in my article on the Hot for Security blog.
Did the sentence fit the crime? Read the backstory, and then have your say in our comments! (You may post anonymously.)
Stealing private keys is like getting hold of a medieval monarch's personal signet ring... you get to put an official seal on treasonous material.
Rogue software packages. Rogue "sysadmins". Rogue keyloggers. Rogue authenticators. Rogue ROGUES!
A former software engineer at Ubiquiti Networks has pleaded guilty to stealing gigabytes of data from the firm, attempting to extort millions of dollars, and damaging the company's reputation in the media.
Read more in my article on the Hot for Security blog.
Company transcribed ultra-personal conversations, didn't secure them. Criminal stole them, then extorted thousands of vulnerable patients.
Chainalysis reports that worldwide ransomware payments were down in 2022.
Ransomware attackers extorted at least $456.8 million from victims in 2022, down from $765.6 million the year before.
As always, we have to caveat these findings by noting that the true totals are much higher, as there are cryptocurrency addresses controlled by ransomware attackers that have yet to be identified on the blockchain and incorporated into our data. When we published last year’s version of this report, for example, we had only identified $602 million in ransomware payments in 2021. Still, the trend is clear: Ransomware payments are significantly down.
However, that doesn’t mean attacks are down, or at least not as much as the drastic drop-off in payments would suggest. Instead, we believe that much of the decline is due to victim organizations increasingly refusing to pay ransomware attackers.
If the crooks have connected up your phone number and your Twitter handle... what could go wrong?