PogoWasRight

@PogoWasRight@infosec.exchange

Blogger/journalist at databreaches.net and pogowasright.org.

#databreach #ransomware #dataprotection #privacy #cybersecurity #transparency #HIPAA #F1 #coffee

Posts have not been evaluated by the Food and Drug Administration or my dogs, who remind everyone to use the Oxford comma.

The header pic is my beautiful Senna, a northern husky we rescued in 2018.


PogoWasRight, to random

My annual PSA for anyone else who doesn't care about football:

PuppyBowl XX is today! And there is now a PuppyBowl Hall of Fame and four former players will be inducted.

Kickoff for Puppy Bowl XX is at 2 p.m. ET. The pre-game show begins at 1 p.m. ET.

The Puppy Bowl will be aired on Animal Planet, Discovery, Discovery+, MAX, TBS and truTV.

I'm pretty sure Taylor Swift won't be showing up for this one because she's got her priorities a bit off.

You're welcome. :) 🐶 ❤️ 🐕❤️ 🐕‍🦺 ❤️

PogoWasRight, to random

Reward Offers for Information to Bring Hive Ransomware Variant Co-Conspirators To Justice:

https://www.state.gov/reward-offers-for-information-to-bring-hive-ransomware-variant-co-conspirators-to-justice/

PogoWasRight, to random

Protect Good Faith Security Research Globally in Proposed UN Cybercrime

Statement to be submitted by the Electronic Frontier Foundation, accredited under operative paragraph No. 9 of UN General Assembly Resolution 75/282, on behalf of 124 signatories:

https://www.eff.org/deeplinks/2024/02/protect-good-faith-security-research-globally-proposed-un-cybercrime-treaty

jvagle, to random
@jvagle@mastodon.lawprofs.org

The fact that this particular Court is tying itself in knots over ambiguity in constitutional language is funny, but not in a "ha ha" kind of way.

PogoWasRight,

@jvagle

Jason Murray seems to be having a rough first outing before .

PogoWasRight,

@jvagle

Yikes. I did not know that. Is it just my inexperience, or did it seem to you that he was not persuading them?

PogoWasRight, to random

I did not have a botnet of smart toothbrushes on this morning's Cyberattack Bingo card. Did you?

https://www.independent.co.uk/tech/toothbrush-hack-cyber-attack-botnet-b2492018.html

PogoWasRight,

@hrbrmstr I'm not sure it was intended as a hoax or if someone just misunderstood something. Either way, I have given my toothbrush a strong lecture on not joining any botnets and we have made up now.

PogoWasRight, to random

HHS’ Office for Civil Rights Settles Malicious Insider Cybersecurity Investigation for $4.75 Million:

https://www.hhs.gov/about/news/2024/02/06/hhs-office-civil-rights-settles-malicious-insider-cybersecurity-investigation.html

Another #HIPAA #SecurityRule #enforcement action but this was from an #insider wrongdoing #databreach that police notified the center about in 2015. The theft occurred in 2013. Why is #HHSOCR first settling this NOW?

#IDtheft #fraud

PogoWasRight, to Bitcoin

"Real identity of founder ‘Satoshi Nakamoto’ could FINALLY be revealed in court…and may unlock £36billion fortune"

https://www.the-sun.com/news/10290281/bitcoin-founder-satoshi-nakamoto-revealed/

@campuscodi @BleepingComputer @GossiTheDog

PogoWasRight, to random

Canada’s most prolific hacker is expected to make full restitution:
https://ottawacitizen.com/news/local-news/canadas-most-prolific-hacker-is-expected-to-make-full-restitution

Given the amount of the restitution, it's hard to believe he's so prolific, but more than 1100 victims, it says, so...

@briankrebs had done a deeper dive into Philbert back in December 2021:
https://krebsonsecurity.com/2021/12/canada-charges-its-most-prolific-cybercriminal/

@brett

PogoWasRight, to Cybersecurity

Was BrightStar Care attacked by two different groups — or was there only one breach?

It would help if BrightStar Care responded to inquiries. They didn't, but I'm confident they would like us all to know that they take privacy and security very seriously, right?

https://www.databreaches.net/was-brightstar-care-attacked-by-two-different-groups-or-was-there-only-one-breach/

@brett @euroinfosec @BleepingComputer

PogoWasRight, (edited ) to random

The went after for its poor security, in 2020, and incident response. A ton of provisions in the proposed order, but no monetary penalty.

Press release: https://www.ftc.gov/news-events/news/press-releases/2024/02/ftc-order-will-require-blackbaud-delete-unnecessary-data-boost-safeguards-settle-charges-its-lax

Direct link to proposed order: https://www.ftc.gov/news-events/news/press-releases/2024/02/ftc-order-will-require-blackbaud-delete-unnecessary-data-boost-safeguards-settle-charges-its-lax

I like how they included that after paying $250k to the threat actors to get them to delete the data, "The company never verified, however, that the hacker actually deleted the stolen data, according to the complaint."

@douglevin @funnymonkey

PogoWasRight, (edited ) to Cybersecurity

Proving once again what lying bastards they are, hit St. Anthony Hospital (Chicago) on December 18 and exfiltrated some patient data. The hospital hasn't confirmed how much yet, and they make no mention of any of files. LockBit seems to be demanding $800k ransom/extortion to delete the files.

LockBit listing: http://lockbitapt6vx57t3eeqjofwgcglmutr3a35nygvokja5uuccip4ykyd.onion/post/BMwAS4fLCVjTEUt865b99757bf96a

Hospital's statement: https://sahchicago.org/images/cybersecurity/Saint-Anthony-HIPAA-Notification_website_English_2024Jan29.pdf

PogoWasRight, (edited ) to random

"The Wall Street Journal recently reported that once had a market cap of $6 billion. That has dropped to $350 million. "

Here we go again: how do we figure out how much of 23andMe's woes is due to a and their pretty deplorable that blamed their users, and how much is due to other financial issues involving their investments?

23andMe Destroyed by Hackers and Losses: https://247wallst.com/business/2024/02/01/23andme-destroyed-by-hackers-and-losses/

PogoWasRight,

@adamshostack I'd like to see some data on new signups before the breach, after the breach was first disclosed, and then after they issued their blame-the-users statement. But you're probably right that the major factor in their downward trend is the investments.

PogoWasRight, to Cybersecurity

Hooray for NYS AG Letitia James. She has sued Citibank for poor security and failure to comply with when consumers report or .

Snippets from the press release:

"The OAG found that Citi’s systems do not respond effectively to red flags, such as scammers who are using unrecognized devices, are accessing accounts from new locations, or are changing banking passwords or usernames. Additionally, Citi systems do not flag and stop efforts to transfer funds from multiple accounts into a single account and then send tens of thousands of dollars out the door in minutes. Citi also does not automatically initiate investigations or report fraudulent activity to police or law enforcement authorities when consumers first report it to Citi."

"Under EFTA, banks such as Citi are required to reimburse their customers for money in their accounts that is lost or stolen through unauthorized electronic payments. However, Citi illegally exploited a narrow exception in these laws to deny consumer claims for reimbursement, resulting in millions of dollars in losses for New York consumers. Through this lawsuit, Attorney General James is seeking to stop Citi’s deceptive practices and to collect restitution for victims who were denied reimbursement in the last six years, penalties, and disgorgement. "

Press release: https://ag.ny.gov/press-release/2024/attorney-general-james-sues-citibank-failing-protect-and-reimburse-victims

Direct link to complaint: https://ag.ny.gov/sites/default/files/2024-01/citi-complaint.pdf
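The red flags listed in the press release above (unrecognized device, new location, credential change, then funds fanned in from several accounts and pushed out in one lump) are a compact description of an account-takeover detection rule. The following is an added example, not code from Citi, the OAG, or the original post: a toy detector over constructed session events. The event fields, the 15-minute window, the three-source minimum and the $10,000 outbound threshold are all assumed for illustration.

```python
"""Toy account-takeover / fan-in detector over constructed bank-session events.

Added example, not from the NY AG complaint or any bank's systems. Event
fields, thresholds and the sample data are assumptions for illustration.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not real data). Each is one action in a session.
# dev-new-77 logs into three accounts from an unfamiliar country, changes one
# password, pools money into MULE and sends it out minutes later.
EVENTS = [
    {"ts": "2024-01-15T09:00:00", "account": "A1", "device": "dev-known-1", "geo": "NY", "action": "login"},
    {"ts": "2024-01-15T09:01:00", "account": "A1", "device": "dev-known-1", "geo": "NY", "action": "view_balance"},
    {"ts": "2024-01-16T03:10:00", "account": "A2", "device": "dev-new-77", "geo": "RO", "action": "login"},
    {"ts": "2024-01-16T03:11:00", "account": "A2", "device": "dev-new-77", "geo": "RO", "action": "change_password"},
    {"ts": "2024-01-16T03:12:00", "account": "A2", "device": "dev-new-77", "geo": "RO", "action": "transfer", "to": "MULE", "amount": 9500},
    {"ts": "2024-01-16T03:13:00", "account": "A3", "device": "dev-new-77", "geo": "RO", "action": "login"},
    {"ts": "2024-01-16T03:14:00", "account": "A3", "device": "dev-new-77", "geo": "RO", "action": "transfer", "to": "MULE", "amount": 12000},
    {"ts": "2024-01-16T03:15:00", "account": "A4", "device": "dev-new-77", "geo": "RO", "action": "transfer", "to": "MULE", "amount": 15000},
    {"ts": "2024-01-16T03:20:00", "account": "MULE", "device": "dev-new-77", "geo": "RO", "action": "transfer", "to": "EXT-BANK", "amount": 36500},
]

# Assumed per-account baselines (what the bank has seen the customer use before).
KNOWN_DEVICES = {"A1": {"dev-known-1"}, "A2": {"dev-known-2"}, "A3": {"dev-known-3"}, "A4": {"dev-known-4"}}
KNOWN_GEOS = {"A1": {"NY"}, "A2": {"NY"}, "A3": {"NJ"}, "A4": {"NY"}}

FAN_IN_WINDOW = timedelta(minutes=15)   # assumed
FAN_IN_MIN_SOURCES = 3                  # assumed
OUTBOUND_THRESHOLD = 10_000             # assumed dollar threshold


def parse_ts(s):
    return datetime.fromisoformat(s)


def account_red_flags(events, known_devices, known_geos):
    """Per-account red flags from the press release: unrecognized device,
    new location, and a password/username change during the session."""
    flags = defaultdict(set)
    for e in events:
        acct = e["account"]
        if acct not in known_devices:
            continue  # no baseline for this account (e.g. the mule account)
        if e["device"] not in known_devices[acct]:
            flags[acct].add("unrecognized_device")
        if e["geo"] not in known_geos.get(acct, set()):
            flags[acct].add("new_location")
        if e["action"] in ("change_password", "change_username"):
            flags[acct].add("credential_change")
    return dict(flags)


def fan_in_alerts(events, window=FAN_IN_WINDOW, min_sources=FAN_IN_MIN_SOURCES,
                  outbound_threshold=OUTBOUND_THRESHOLD):
    """Detect funds from several accounts pooled into one account within a
    short window, followed by a large outbound transfer from that account."""
    transfers = sorted((e for e in events if e["action"] == "transfer"),
                       key=lambda e: parse_ts(e["ts"]))
    inbound = defaultdict(list)  # destination -> [(ts, source, amount)]
    for t in transfers:
        inbound[t["to"]].append((parse_ts(t["ts"]), t["account"], t["amount"]))
    alerts = []
    for dest, arrivals in inbound.items():
        for t0, _, _ in arrivals:  # slide a window over arrivals at this destination
            in_win = [a for a in arrivals if t0 <= a[0] <= t0 + window]
            sources = {src for _, src, _ in in_win}
            if len(sources) < min_sources:
                continue
            last_in = max(ts for ts, _, _ in in_win)
            outbound = [t for t in transfers
                        if t["account"] == dest
                        and last_in <= parse_ts(t["ts"]) <= last_in + window
                        and t["amount"] >= outbound_threshold]
            alerts.append({"dest": dest, "sources": sorted(sources),
                           "total_in": sum(amt for _, _, amt in in_win),
                           "outbound": sum(t["amount"] for t in outbound)})
            break  # one alert per destination is enough here
    return alerts


def triage(events, known_devices, known_geos):
    """Escalate any account carrying two or more red flags, plus every fan-in
    alert; in practice this is where an investigation would be opened."""
    flags = account_red_flags(events, known_devices, known_geos)
    escalate = sorted(a for a, f in flags.items() if len(f) >= 2)
    return {"escalate_accounts": escalate, "fan_in": fan_in_alerts(events)}


if __name__ == "__main__":
    print(triage(EVENTS, KNOWN_DEVICES, KNOWN_GEOS))
```

On the constructed data, A1 produces no flags, A2 through A4 are escalated, and MULE is reported as the pooling account with $36,500 in and $36,500 out. The point of the combined rule is the one the OAG makes: each signal alone is noisy, but a new device plus a new location plus a credential change, followed within minutes by fan-in and a lump-sum exit, is the pattern a bank's controls are supposed to stop before the money leaves.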

PogoWasRight,

@longobord Since EFTA is federal, other states really should follow suit if Citi settles the NY case. Can you imagine being a customer in another state who didn't get funds refunded and you're asking your state's AG why they didn't do something to help consumers when NY did? And oh yeah, when are you up for re-election, Mr/Ms State Attorney General?

campuscodi, to infosec
@campuscodi@mastodon.social

A cybersecurity breach has taken place at Romania's Chamber of Deputies, the country's lower house of Parliament.

The breach took place on Tuesday, January 30, and was immediately discovered by authorities.

Romanian officials did not elaborate on the nature of the hack but confirmed that no ransom demand was made. cc @PogoWasRight

https://www.news.ro/politic-intern/bresa-de-securitate-la-camera-deputatilor-in-acest-moment-nu-exista-nicio-solicitare-de-rascumparare-a-datelor-se-redacteaza-o-plangere-la-diicot-1922401030002024011321476648

PogoWasRight, (edited )

@campuscodi

Indeed. Knight claimed it was on January 26 on their leak site. I still have to write up some complaints about breaches involving two Romanian hosting firms. The first you knew about already, but now there's another one, it seems.

PogoWasRight,

@campuscodi The govt says it took place on January 30 and was immediately discovered. Knight claims it was Jan. 26. Their listing of January 29, which I screencapped on January 29, gave the govt 38 hours to respond. It was subsequently edited to give the govt 731 hours. It also claims they acquired 250,000 MB of files and documents.

PogoWasRight, to ukteachers

reports: "K-12 Cybersecurity Spending, Insurance on the Rise"
https://www.govtech.com/education/k-12/k-12-cybersecurity-spending-insurance-on-the-rise

Direct link to the Clever report, Cybersecure 2024, upon which it is based: https://www.clever.com/cybersecure-report

@douglevin @funnymonkey @brett @michaelfklein @mkeierleber @dsalo

Here's a somewhat chilling, but expected finding from the report on how districts consider vendor cybersecurity:

PogoWasRight,

@funnymonkey @dsalo @douglevin @brett @michaelfklein @mkeierleber

So, to recap, these findings would be concerning enough if they were accurate, but we think they overestimate what districts really do.

Lovely.

PogoWasRight, to random

"Based on 481 ransomware attacks from the Dutch police and a Dutch incident response party, we arrive at a number of key insights: Insurance led to a 2.8x higher ransom amount paid, without affecting the frequency of payments. Data exfiltration led to a 5.5 times higher ransom amount paid, without affecting the frequency of payments. Organizations with recoverable backups were 27.4 times less likely to pay the ransom compared to victims without recoverable backups."

Press release: https://www.utwente.nl/nieuws/2024/1/1318314/ut-brengt-besluitvormingsproces-slachtoffers-ransomware-in-kaart#belangrijke-inzichten

Full article by Tom Meurs and colleagues: https://ris.utwente.nl/ws/portalfiles/portal/324702475/Ecrime2023vPREPRINT.pdf

h/t,

@allan @brett @lawrenceabrams @ecrime_ch @GossiTheDog

PogoWasRight, (edited )

@jpm @backupbear

From the full article, this other finding on may seem counter-intuitive at first:

"Regarding backups, it seems that having recoverable backups leads to a lower probability of payment, observed in only 11% of cases. However, the average ransom paid per attack and the total ransom paid are higher compared to scenarios with other backup conditions. It is noteworthy that victims who lack backups generally pay lower ransoms than those who have backups that cannot be restored, with both the average ransom per attack and the cumulative amounts being lower. One plausible explanation could be that businesses holding data considered valuable enough for ransom payments are generally more likely to employ backup systems, compared to those with less valuable data. The Kruskal-Wallis test with null hypothesis that all backups measures lead to same ransom paid, results in KW=49.65, df=3, p-value<0.001. This indicates that having backups leads to more ransom paid."

PogoWasRight, to random

On my "Things I Really Hate" list:

You send inquiries to a site about a breach they had. They never reply to your inquiries but then you get put on their marketing list and get spammed with multiple emails you have no interest in whatsoever.

PogoWasRight,

@bmaz Once again, we disagree on F1. :) I did not think those seasons were much fun back then. In fact, I was furious at team orders by Ferrari. So maybe our definition of "fun" depends somewhat on whether or not we like a driver. Did you enjoy the weekends with sprint races this past season, or it didn't make any difference for you?
