Displaying items by tag: Brett Callow

Access to the network of document storage and records lifecycle solutions provider ZircoDATA was sold on the Exploit forum in January about a fortnight before the company's data was encrypted by the Black Basta ransomware group.

Outsourcing provider OracleCMS says it has been affected by a cyber-security incident during which a third party gained access to a part of its data, adding that some files have been published online.

Home Affairs Minister Clare O'Neil appears to have taken a leaf out of the book of ransomware outfits when advertising a new initiative by the government against this genre of malware.

The number of organisations hit by the ransomware group Cl0p using vulnerabilities in the secure managed file transfer software MOVEit Transfer is now 546, the security firm Emsisoft reports, estimating that more than 37 million individuals are now affected.

American government services contractor Maximus, which also operates in Canada, Australia and the UK, has informed the SEC of a data breach in which the personal data of between eight and 11 million people has been stolen.

Canadian Prime Minister Justin Trudeau has stepped up the rhetoric over the recently enacted Online News Act, likening the fight with Facebook and Google to defending democracy in Ukraine or during World War II.

Less than three hours after the Medibank Group told iTWire it had not been affected by the ongoing ransomware attacks by the Cl0p group, the company told another media outlet that it had indeed been affected.

Well-known ransomware threat researcher Brett Callow has poured cold water on claims that ransomware, which sought to capitalise on the recent Wagner group incidents, has been targeting Windows users in Russia.

It is more than somewhat ironical that HWL Ebsworth, the Australian law firm that is reeling after a ransomware attack that led to massive data theft, has a slogan on its website saying, "We're not your typical law firm".

An Australian law firm's bid to try and use a court injunction to prevent publication of material stolen during a ransomware raid is unlikely to have any effect on the attackers behind the intrusion, a security professional says.

From time to time, people from Microsoft come up with stupid takes to divert attention from the fact that the products put out by their company are full of security holes. The tech world is chock-full of spin and Microsoft is not reluctant to indulge in it.

The US has taken down the Hive ransomware group that attacks Windows, the Department of Justice claims, adding that the campaign to effect this had been going on since July last year.

Data published by the individual(s), who attacked the medical insurer Medibank Group using ransomware, has now been linked to a forum on the clear Web, the same forum where the data from telco Singtel Optus was released. Ransomware generally attacks only systems running Microsoft's Windows operating system.

The ransomware group behind the Medibank Group attack claims it initially demanded US$10 million (A$15.55 million) as a ransom, but is willing to accept US$9.7 million instead – US$1 for each customer the company claims is at risk. Ransomware largely attacks Microsoft's Windows operating system.

A ransomware group that on Tuesday threatened to post data stolen from medical insurer Medibank Group on the dark web has kept its word and released a small sample of what it claims is the data it appropriated.

The operator of a ransomware blog, which hosts a copy of the site formerly used by the REvil gang, claims that data from Australia's Medibank Group will be posted on the dark web in 24 hours.

Data stolen during an attack on Singapore's multinational telecommunications conglomerate Singtel, which the company says was exfiltrated on 20 January last year, has been lying on the dark Web since February 2021 and was reposted to a clear Web forum on 7 October, a security professional says.

Did Optus suffer another data breach before the big leak, one that has gone generally unmentioned and unnoticed? At least one security professional who has been closely following the incidents at the telco appears to think so.

One wonders what exactly drove Optus chief executive Kelly Bayer Rosmarin to front a media session last Friday, in a bid to spin her way through a damaging development at the telco.

The attacker who allegedly breached the networks of Optus appears to have developed cold feet, posting a note saying that he/she has deleted all the data that was exfiltrated.