Groups, Insurance and Tools - Information Management Today

Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates

Krebs on Security

FEBRUARY 20, 2024

authorities have seized the darknet websites run by LockBit , a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. Investigators used the existing design on LockBit’s victim shaming website to feature press releases and free decryption tools.

Ransomware

Ransomware Encryption Insurance Manufacturing

BlackCat Ransomware Group Implodes After Apparent $22M Payment by Change Healthcare

Krebs on Security

MARCH 5, 2024

healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group (a.k.a. As part of that action, the government seized the BlackCat website and released a decryption tool to help victims recover their systems. There are indications that U.S. Image: Varonis.

Ransomware

Ransomware Insurance Government IT

A Cyber Insurance Backstop

Schneier on Security

FEBRUARY 28, 2024

In the first week of January, the pharmaceutical giant Merck quietly settled its years-long lawsuit over whether or not its property and casualty insurers would cover a $700 million claim filed after the devastating NotPetya cyberattack in 2017. The 9/11 attacks cost insurers and reinsurers $47 billion. 11, 2001, terrorist attacks.

Insurance

Insurance Government Cybersecurity Risk

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

Conti Ransomware Group Diaries, Part III: Weaponry

Krebs on Security

MARCH 4, 2022

Part I of this series examined newly-leaked internal chats from the Conti ransomware group, and how the crime gang dealt with its own internal breaches. Conti is by far the most aggressive and profitable ransomware group in operation today. Part II explored what it’s like to be an employee of Conti’s sprawling organization.

Ransomware

Ransomware Insurance Security IT

Top 8 Cyber Insurance Companies for 2022

eSecurity Planet

APRIL 22, 2022

That’s where cyber insurance may be able to help. For that reason, most experts now recognize that a complete cybersecurity strategy not only includes technological solutions aimed at preventing, detecting, and mitigating attacks, it should also include cyber insurance to help manage the associated financial risks. That’s a 29.1%

Insurance

Insurance Ransomware Cybersecurity Marketing

NYDFS issues significant guidance on insurers using AI or external data

Data Protection Report

FEBRUARY 2, 2024

On January 17, 2024 the New York Department of Financial Services (“NYDFS”) published a Proposed Insurance Circular Letter (“Proposed Circular”) regarding the use of artificial intelligence systems (“AIS”) and external consumer data and information sources (“ECDIS”) in insurance underwriting and pricing. Actual Actuarial Validity.

Insurance

Insurance Artificial Intelligence Risk Compliance

Network Security Architecture: Best Practices & Tools

eSecurity Planet

APRIL 26, 2024

Perimeter security tools include: Firewalls: Filter traffic and monitor access based upon firewall rules and policies for the network, network segment, or assets protected by different types of firewalls. Cloud Security Cloud security provides focused security tools and techniques to protect cloud resources.

Security

Security Cloud Cybersecurity Risk

Lloyd’s Will No Longer Include Nation-State Attacks in its Cyber Insurance Policies

IT Governance

AUGUST 25, 2022

Lloyd’s of London has announced that its insurance policies will no longer cover losses resulting from certain nation-state cyber attacks or acts of war. In a memo sent to the organisation’s insurance syndicates , Underwriting Director Tony Chaudhry said that Lloyd’s remains “strongly supportive” of policies that cover cyber attacks.

Insurance

Insurance IT Government Risk

Rent a hacker: Group-IB uncovers corporate espionage group RedCurl

Security Affairs

AUGUST 13, 2020

Threat Intel firm Group-IB has released an analytical report on the previously unknown APT group RedCurl, which focuses on corporate espionage. A presumably Russian-speaking group conducts thoroughly planned attacks on private companies across numerous industries using a unique toolset. From Russia to Canada.

Cloud

Cloud Phishing Analytics Access

Previously undetected Earth Longzhi APT group is a subgroup of APT41

Security Affairs

NOVEMBER 15, 2022

Trend Micro reported that the Earth Longzhi group, a previously undocumented subgroup of APT41, targets Ukraine and Asian Countries. The experts attributed the attacks to a new subgroup of the China-linked APT41 group, tracked as Earth Longzhi. In the following subsections, we introduce these hack tools.

Archiving

Archiving Passwords Metadata Insurance

FIN7 group continues to target US companies with BadUSB devices

Security Affairs

JANUARY 7, 2022

The Federal Bureau of Investigation (FBI) warns US companies that the FIN7 cybercriminals group is targeting the US defense industry with BadUSB devices. FIN7 using this technique to target businesses in the transportation and insurance industries since August 2021, while it started targeting defense firms since November 2021.

Insurance

Insurance Ransomware Access Security

The Weeks in Cyber Security and Data Privacy: 18 – 31 December 2023

IT Governance

JANUARY 3, 2024

Dori Media Group allegedly had more than 100 TB of data exfiltrated The MalekTeam Group claims to have destroyed more than 100 TB of data from Dori Media Group, an international group of media companies in Israel, Switzerland, Argentina, Spain and Singapore. The group is threatening to leak the exfiltrated data.

Data Privacy

Data Privacy Insurance Manufacturing Retail

Ransomware attacks break records in 2023: the number of victims rose by 128%

Security Affairs

JANUARY 19, 2024

Ransomware groups claimed that they successfully targeted 4191 victims in 2023, Cybernews researchers report. According to the Ransomlooker tool, the number of ransomware attack victims increased by 128.17% compared to the previous year (2022), with 1837 additional incidents. LockBit remained the most active group through 2023.

Ransomware

Ransomware Manufacturing Retail Insurance

Researchers released a free decryptor for Black Basta ransomware

Security Affairs

JANUARY 2, 2024

A team of researchers released a suite of tools that could help victims to decrypt data encrypted with by the Black Basta ransomware. A joint research by Elliptic and Corvus Insurance revealed that the group accumulated at least $107 million in Bitcoin ransom payments since early 2022. ” continues the researchers.

Ransomware

Ransomware Encryption Blockchain Insurance

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Iran-linked APT group Pioneer Kitten, also known as Fox Kitten or Parisite, is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers.

Access

Access Financial Services Retail Insurance

FBI, CISA, HHS warn of targeted ALPHV/Blackcat ransomware attacks against the healthcare sector

Security Affairs

FEBRUARY 28, 2024

. “This trend is believed to be a response to the encouragement from ALPHV Blackcat administrators, who urged affiliates to focus their efforts on hospitals following operational actions against the group and its infrastructure in early December 2023.” reads the press release. “FBI reads the press release. “To

Ransomware

Ransomware Government Insurance Manufacturing

How to Decrypt Ransomware Files – And What to Do When That Fails

eSecurity Planet

OCTOBER 18, 2022

The bad news is it doesn’t work most of the time: Paid ransom decryption tools and keys don’t always work. Free decryption tools don’t always work. Paid decryption tools don’t always work. First, call the cyber insurance company that issued the organization’s cybersecurity policy. Ransomware Decryption Tool Options.

Ransomware

Ransomware Encryption Insurance Access

DoJ indicted a member of China-based hacking group behind Anthem hack

Security Affairs

MAY 9, 2019

US DoJ indicted a member of sophisticated China-based hacking group for series of computer intrusions. The group is also responsible for the 2015 Health Insurer Anthem data breach. Then defendants installed malware and tools on the compromised systems to further compromise the computer networks of the victim businesses.

Insurance

Insurance Data breaches Phishing Privacy

Regulatory Update: NAIC Summer 2022 National Meeting

Data Matters

SEPTEMBER 7, 2022

The National Association of Insurance Commissioners (NAIC) held its Summer 2022 National Meeting (Summer Meeting) August 9–13, 2022. The Privacy Working Group has been reviewing state insurance privacy protections regarding the collection, ownership, use, and disclosure of information gathered in connection with insurance transactions.

Insurance

Insurance Paper Privacy Risk

Welltok data breach impacted 8.5 million patients in the U.S.

Security Affairs

NOVEMBER 23, 2023

. “On July 26, 2023, Welltok was alerted to an earlier alleged compromise of our MOVEit Transfer server in connection with software vulnerabilities made public by the developer of the MOVEit Transfer tool. million Teachers Insurance and Annuity Association of America 2.6 ” reads a notice published by the company.

Data breaches

Data breaches Insurance Ransomware Education

Black Basta gang claims the hack of the UK water utility Southern Water

Security Affairs

JANUARY 23, 2024

The Black Basta ransomware group added Southern Water to the list of victims on its Tor data leak site and threatened to leak the stolen data on February 29, 2024. At this time, it is unknown what ransom the group has demanded from the victim. At this time, it is unknown what ransom the group has demanded from the victim.

Encryption

Encryption Ransomware Blockchain Insurance

Regulatory Update: NAIC Summer 2021 National Meeting

Data Matters

SEPTEMBER 20, 2021

The National Association of Insurance Commissioners (NAIC) held its Summer 2021 National Meeting (Summer Meeting) August 14-17, 2021. Highlights include, among others, adoption of revised risk-based capital bond factors for life insurers, amendments to SSAP No. NAIC Adopts Revised Risk-Based Capital Bond Factors for Life Insurers.

Insurance

Insurance e-Delivery Paper Sales

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Security Affairs

SEPTEMBER 23, 2023

MILES/CBS NEWS TEXAS The Royal ransomware group is behind the attack and threatens to publish stolen data if the City will not meet its ransom demand. Once obtained access to the City’s network, the group performed reconnaissance and information-gathering activities using legitimate third-party remote management tools.

Ransomware

Ransomware Encryption Systems administration Cybersecurity

Biden’s AI Order and the Implications for Employers

Hunton Privacy

NOVEMBER 29, 2023

The Executive Order suggests combining worker retraining programs through the Workforce Innovation and Opportunity Act with existing unemployment insurance administered by the DOL. Notably absent from the consultees list are business or employer groups.

Artificial Intelligence

Artificial Intelligence Risk Insurance Compliance

Insurance blockchain consortium RiskBlock adds 12 members, cybersecurity tools

Information Management Resources

AUGUST 21, 2018

The group now has 30 insurance carrier members working on distributed-ledger tech solutions for the industry.

Insurance

Insurance Blockchain Cybersecurity Analytics

The State of Maine disclosed a data breach that impacted 1.3M people

Security Affairs

NOVEMBER 12, 2023

The State of Maine was the victim of the large-scale hacking campaign that targeted organizations using the MOVEit file transfer tool. The software vulnerability was exploited by a group of cybercriminals and allowed them to access and download files belonging to certain agencies in the State of Maine between May 28, 2023, and May 29, 2023.”

Data breaches

Data breaches Insurance Education Cybersecurity

US pharmacy outage caused by Blackcat ransomware attack on Optum Solutions

Security Affairs

FEBRUARY 27, 2024

A BlackCat ransomware attack hit UnitedHealth Group subsidiary Optum causing an outage impacting the Change Healthcare payment exchange platform. A ransomware attack hit the UnitedHealth Group subsidiary Optum leading to an outage impacting the Change Healthcare payment exchange platform. ” reads the Reuters.

Ransomware

Ransomware Government Insurance Manufacturing

Regulatory Update: NAIC Fall 2020 National Meeting

Data Matters

DECEMBER 28, 2020

The National Association of Insurance Commissioners (NAIC) held its Fall 2020 National Meeting (Fall Meeting) December 3-9, 2020. NAIC Adopts the Group Capital Calculation Template and Instructions and Related Revisions to the Insurance Holding Company Act. Insurance groups will be exempt from filing a GCC if.

Insurance

Insurance Paper Risk Analytics

Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M

Krebs on Security

JULY 24, 2018

Now the financial institution is suing its insurance provider for refusing to fully cover the losses. The company determined the hacking tools and activity appeared to come from Russian-based Internet addresses. The lawsuit notes the company determined that it was likely the same group of attackers responsible for both intrusions.

Insurance

Insurance Computer and Electronics Phishing Access

Cybersecurity Management Lessons from Healthcare Woes

eSecurity Planet

MAY 30, 2024

Change Healthcare Ransomware The United Healthcare Group (UHG) acquisition of Change Healthcare in 2022 started paying the wrong type of dividends this February when stolen credentials led to over $870 million in damages. Companies should also use free tools available to them.

Cybersecurity

Cybersecurity Ransomware Data breaches Risk

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 1)

The Last Watchdog

DECEMBER 12, 2023

Here is part one of three groupings. Integration will also increase between security tools and IT systems to enable smarter orchestration; most important of all, organizations will harness AI to stay ahead of increasingly sophisticated AI-driven attacks. What should I be most concerned about – and focus on – in 2024?

Cybersecurity

Cybersecurity Phishing Authentication Analytics

Karma Catches Up to Global Phishing Service 16Shop

Krebs on Security

AUGUST 17, 2023

The INTERPOL statement says the platform sold hacking tools to compromise more than 70,000 users in 43 countries. “Depending on location, 16Shop will also collect ID numbers (including Civil ID, National ID, and Citizen ID), passport numbers, social insurance numbers, sort codes, and credit limits,” McAfee wrote.

Phishing

Phishing Passwords Insurance Sales

Hunters International ransomware gang claims to have hacked the Fred Hutch Cancer Center

Security Affairs

DECEMBER 16, 2023

The threats were sent to a number of former and current Fred Hutch patients — as well as some who have received care from Hutch partner UW Medicine — and claimed the names, Social Security numbers, phone numbers, medical history, lab results and insurance history of more than 800,000 patients had been compromised.” ” Robert M.

Ransomware

Ransomware Insurance Education Marketing

26 Cyber Security Stats Every User Should Be Aware Of in 2024

Security Affairs

FEBRUARY 8, 2024

Cyber Insurance: US cyber insurance premiums soared by 50% in 2022, reaching $7.2 Telecom Adoption: 80% of telecom companies now use AI-powered cyber security tools to protect their networks, showing how AI is becoming more common in keeping complex systems safe. million, up 15% in three years. The US topped the list at $5.09

Security

Security Phishing IoT Ransomware

The Week in Cyber Security and Data Privacy: 29 January – 4 February 2024

IT Governance

FEBRUARY 6, 2024

Source 1 ; source 2 (New) Professional services USA Yes 11,556 Poder Judicial de Santa Cruz Source (New) Legal Argentina Yes 8,732 J.D.

Data Privacy

Data Privacy Privacy Insurance Security

POLONIUM APT targets Israel with a new custom backdoor dubbed PapaCreep

Security Affairs

OCTOBER 13, 2022

An APT group tracked as Polonium employed custom backdoors in attacks aimed at Israelian entities since at least September 2021. According to Microsoft, POLONIUM is an APT group based in Lebanon that coordinates its activities with other actors affiliated with the Iranian Ministry of Intelligence and Security.

Communications

Communications Cloud Insurance Ransomware

Regulatory Update: NAIC Summer 2020 National Meeting

Data Matters

SEPTEMBER 3, 2020

The National Association of Insurance Commissioners (NAIC) held its Summer 2020 National Meeting (Summer Meeting) from July 27 to August 14, 2020. Annuity Suitability Working Group Drafting FAQ Document to Facilitate Uniformity in State Adoption of Revised Suitability in Annuity Transactions Model Regulation.

Insurance

Insurance Paper Artificial Intelligence Big data

Group-IB presents its annual report on global threats to stability in cyberspace

Security Affairs

NOVEMBER 29, 2019

Group-IB, has analyzed key recent changes to the global cyberthreat landscape in the “Hi-Tech Crime Trends 2019/2020” report. Group-IB , a Singapore-based cybersecurity company that specializes in preventing cyberattacks, has analyzed key recent changes to the global cyberthreat landscape.

IT

IT Military Cybersecurity Phishing

Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

APRIL 28, 2024

Hackers may have accessed thousands of accounts on the California state welfare platform Brokewell Android malware supports an extensive set of Device Takeover capabilities Experts warn of an ongoing malware campaign targeting WP-Automatic plugin Cryptocurrencies and cybercrime: A critical intermingling Kaiser Permanente data breach may have impacted (..)

Security

Security Data breaches Ransomware Mining

China-linked Moshen Dragon abuses security software to sideload malware

Security Affairs

MAY 3, 2022

A China-linked APT group, tracked as Moshen Dragon, is exploiting antivirus products to target the telecom sector in Asia. A China-linked APT group, tracked as Moshen Dragon, has been observed targeting the telecommunication sector in Central Asia with ShadowPad and PlugX malware, SentinelOne warns.

Security

Security Military Insurance Cybersecurity

Intellihartx data breach exposed the personal and health info of 490,000 individuals

Security Affairs

JUNE 12, 2023

The Clop ransomware group has stolen stole personal and health information of 489,830 individuals as a result of a ransomware attack on the technology firm Intellihartx. Other victims of the Clop ransomware are City of Toronto , Rubrik , Onex, Axis, Bank, Rio Tinto, Hitachi Energy , and Virgin Group.

Data breaches

Data breaches Ransomware Insurance Data Privacy

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

This picture comes from an analysis of specific statistics and by reading between the lines in reports from 1Password, Cisco, CrowdStrike, Flashpoint, Google Threat Analysis Group/Mandiant, NetScout, Pentera, and Sophos. 13% maintain access to company tools or resources after leaving the organization.

Cybersecurity

Cybersecurity Ransomware Passwords Cloud

Security Affairs newsletter Round 463 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 17, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches

Data breaches Security Computer and Electronics Ransomware

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Hunton Privacy

DECEMBER 1, 2020

Carrefour France and Carrefour Banque are both affiliates of the French retail group, the Carrefour Group. The group has diversified its activities into the banking and insurance, travel agency and e-commerce sectors. The CNIL carried out online inspections on the carrefour.fr and carrefour-banque.fr

GDPR

GDPR Personal data Data collection Marketing

Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates

BlackCat Ransomware Group Implodes After Apparent $22M Payment by Change Healthcare

Webinars

Trending Sources

A Cyber Insurance Backstop

Webinars

Conti Ransomware Group Diaries, Part III: Weaponry

Top 8 Cyber Insurance Companies for 2022

NYDFS issues significant guidance on insurers using AI or external data

Network Security Architecture: Best Practices & Tools

Lloyd’s Will No Longer Include Nation-State Attacks in its Cyber Insurance Policies

Rent a hacker: Group-IB uncovers corporate espionage group RedCurl

Previously undetected Earth Longzhi APT group is a subgroup of APT41

FIN7 group continues to target US companies with BadUSB devices

The Weeks in Cyber Security and Data Privacy: 18 – 31 December 2023

Ransomware attacks break records in 2023: the number of victims rose by 128%

Researchers released a free decryptor for Black Basta ransomware

Iran-linked APT group Pioneer Kitten sells access to hacked networks

FBI, CISA, HHS warn of targeted ALPHV/Blackcat ransomware attacks against the healthcare sector

How to Decrypt Ransomware Files – And What to Do When That Fails

DoJ indicted a member of China-based hacking group behind Anthem hack

Regulatory Update: NAIC Summer 2022 National Meeting

Welltok data breach impacted 8.5 million patients in the U.S.

Black Basta gang claims the hack of the UK water utility Southern Water

Regulatory Update: NAIC Summer 2021 National Meeting

City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack

Biden’s AI Order and the Implications for Employers

Insurance blockchain consortium RiskBlock adds 12 members, cybersecurity tools

The State of Maine disclosed a data breach that impacted 1.3M people

US pharmacy outage caused by Blackcat ransomware attack on Optum Solutions

Regulatory Update: NAIC Fall 2020 National Meeting

Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M

Cybersecurity Management Lessons from Healthcare Woes

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 1)

Karma Catches Up to Global Phishing Service 16Shop

Hunters International ransomware gang claims to have hacked the Fred Hutch Cancer Center

26 Cyber Security Stats Every User Should Be Aware Of in 2024

The Week in Cyber Security and Data Privacy: 29 January – 4 February 2024

POLONIUM APT targets Israel with a new custom backdoor dubbed PapaCreep

Regulatory Update: NAIC Summer 2020 National Meeting

Group-IB presents its annual report on global threats to stability in cyberspace

Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION

China-linked Moshen Dragon abuses security software to sideload malware

Intellihartx data breach exposed the personal and health info of 490,000 individuals

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

Security Affairs newsletter Round 463 by Pierluigi Paganini – INTERNATIONAL EDITION

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Stay Connected