Human Error Triggers Ransomware Attack, Largest Healthcare Security Breach in Sask.’s History
Some time between December 2019 and January 2020, eHealth Saskatchewan, the province-wide health delivery service, fell victim to a Ryuk crypto-ransomware attack, exposing the personal and medical information of more than 500,000 people. According to Ron Kruzeniski, Saskatchewan’s Information and Privacy Commissioner, the incident has been declared the largest data breach in the province’s history. […]
Another one bites the dust: goodbye Joker’s Stash. What’s next?
Last week DarkMarket, the second largest dark web marketplace, was shut down by law enforcement in Europe. This takedown is the result of increasing joint efforts to take down dark web facilitated crime. Some dark web market administrators are taking notice, and deciding to retire on their own terms, before the police come knocking on […]
DarkMarket Shut Down by Law Enforcement: New Lessons Learned
Over the weekend, German law enforcement shut down DarkMarket, a dark web marketplace, and arrested its administrator, an Australian living in Europe. According to the official press release, DarkMarket had: almost 500,000 users; more than 2,400 sellers; over 320,000 transactions; more than 4,650 bitcoin and 12,800 monero transferred for a total of CAD$217 million in […]
Malicious Actors Show Little Interest in Automotive Source Code Leak
Technical data leakage strikes again, this time affecting a major manufacturer in the automotive industry. Bleeping Computer reported this week that a misconfigured Git server has leaked source code from Nissan North America. The server had been secured with a default username and password, respectively admin:admin. It contained 20GB of data including code for mobile […]
U.S. Capitol Riots: What May Happen After the Physical Penetration of A Network
Recent events at the Capitol in Washington D.C. were condemned for their impact on the democracy of the United States. What was much less discussed, however, is their impact on the integrity of U.S. government networks and databases. Data Breach Today reported this week that: Computers in [Speaker of the House] Nancy Pelosi’s office were […]
Our Take on the Top 5 Predictions for 2021
Every December, analysts make predictions about the key events in the following months. These lists range from the most obvious (ex. ransomware will be a big risk in the next 12 months) to the most industry insider (ex. investments in endpoint security cloud services from Europe precisely will grow by 2.4%), which may be of […]
What do fraudsters want for Christmas in 2020?
‘Tis the season to be jolly, even though this year has been a challenge, to say the least. While some are thinking about end of year reports and others are looking ahead for a hopeful 2021, fraudsters remain active on dark web marketplaces. What is the criminal underground doing this holiday season? Our team investigated […]
Government Source Code Leaks Compromise the Personal Data of Millions
It’s not always security researchers who uncover major data breaches or security mishaps. Reporters from a Brazilian publication have been very good lately at detecting unfortunate incidents generated by official government websites or careless government employees. It appears that for about six months, a database which has been gathering personal information for about 30 years, […]
When Private Photos Don’t Stay Private for Long
It has always been a challenge to securely share photos, videos and messages on the internet. Few applications offer a ‘trust no one’ mode where the shared content benefits from end-to-end encryption, making it nearly impossible to snoop on. In privacy wars, Apple has a proven track record of providing a much more secure environment […]
How Do Company Secrets Get Leaked Online?
Back in 2017, Facebook suffered a source code leak, initially believed to have been the result of either a developer intentionally leaking it or a security loophole in company servers. The source code leak gave away critical information about the application’s structure and development practices, which ultimately raised some serious data privacy concerns. Once the […]