Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: E-Records

2024 looks set to be another record-breaking year for ransomware and it’s likely going to get worse

TechCrunch: “The ransomware industry is thriving, not losing. Despite various law enforcement wins against ransomware actors, like the sweeping takedown of LockBit and the seizure of Radar, hackers continue to reap the rewards of these data-theft attacks — and 2024 looks set to be their most profitable year to date. That’s according to Allan Liska, a ransomware expert who serves as a threat intelligence analyst at cybersecurity firm Recorded Future. In an interview with TechCrunch in London earlier this month, Liska confirmed that 2024 is on track to be another record-breaking year for ransomware — with equally record-breaking ransoms paid by victims to hackers.  “The curve is going to flatten a little bit, which I guess is good news. But a record-breaking year is still a record-breaking year,” Liska told TechCrunch. “We’ve also this year, for the first time that I’m aware of, had four eight-figure ransoms paid.” One of these eight-figure sums was the $22 million ransom that Change Healthcare paid to the Russian cybercrime gang ALPHV following the theft of highly sensitive medical data related to hundreds of millions of Americans. What followed, Liska said, was rampant in-fighting between the ransomware group and its affiliate, who carried out the hack on ALPHV’s behalf. “If you wanted a reality show, this was it,” said Liska. This apparent scrappiness is only likely to worsen as younger threat actors join the ransomware foray, as we’ve seen with highly skilled and financially motivated hackers like Lapsus$ and, more recently, Scattered Spider. This loose-knit group of predominantly teenage, native English-speaking hackers has carried out some of the most disastrous cyberattacks in history, such as the breach of MGM Hotels and the suspected links to the recent cyberattack on Transport for London. The disjointed nature of these attackers is evidenced by the increase of data theft-only attacks, which have increased by more than 30% in 2024, according to Liska. “That is up significantly from just a couple of years ago,” he told TechCrunch. “A lot of the newer threat actors just don’t want to deal with encryption, decryption, or anything like that,” referring to attacks that exfiltrate huge amounts of stolen data..”

Gun Companies Gave Customers’ Sensitive Personal Information to Political Operatives

ProPublica: “For years, America’s most iconic gun-makers turned over sensitive personal information on hundreds of thousands of customers to political operatives. Those operatives, in turn, secretly employed the details to rally firearm owners to elect pro-gun politicians running for Congress and the White House, a ProPublica investigation has found. The clandestine sharing of gun buyers’… Continue Reading

Can someone find out who you voted for?

NPR – No. Here is what you should know – “With less than [12 days] until Election Day and with early voting taking place across the U.S., many Americans are questioning the secrecy of their ballots. Election officials, voter registration organizations and election law experts — including New Mexico Secretary of State Maggie Toulouse Oliver… Continue Reading

The Global Surveillance Free-for-All in Mobile Ad Data

Krebs on Security: “…Delaware-based Atlas Data Privacy Corp. helps its users remove their personal information from the clutches of consumer data brokers, and from people-search services online. Backed by millions of dollars in litigation financing, Atlas so far this year has sued 151 consumer data brokers on behalf of a class that includes more than… Continue Reading

VISA Biannual Threat Report Fall 2024

This report provides an overview of the top payments ecosystem threats within the past six-month period (January – June 2024) as identified by Visa Payment Fraud Disruption (PFD). In the December 2023 Biannual Report, Visa PFD noted an interesting shift in threat actors’ organization, access to tools, and target choice, with threat actors increasing in… Continue Reading

Anthropic’s new AI model can control your PC

TechCrunch: “In a pitch to investors last spring, Anthropic said it intended to build AI to power virtual assistants that could perform research, answer emails, and handle other back-office jobs on their own. The company referred to this as a “next-gen algorithm for AI self-teaching” — one it believed that could, if all goes according… Continue Reading

The 37signals Guide to Internal Communication

The how, where, why, and when we communicate. Long form asynchronous? Real-time chat? In-person? Video? Verbal? Written? Via email? In Basecamp? How do we keep everyone in the loop without everyone getting tangled in everyone else’s business? It’s all in here. Rules of thumb, and general philosophy – Below you’ll find a collection of general… Continue Reading

Pete Recommends – Weekly highlights on cyber security issues, October 19, 2024

Via LLRX – Pete Recommends – Weekly highlights on cyber security issues, October 19, 2024 – Privacy and cybersecurity issues impact every aspect of our lives – home, work, travel, education, finance, health and medical records – to name but a few. On a weekly basis Pete Weiss highlights articles and information that focus on the… Continue Reading

Pete Recommends – Weekly highlights on cyber security issues, October 12, 2024

Via LLRX – Pete Recommends – Weekly highlights on cyber security issues, October 12, 2024 – Privacy and cybersecurity issues impact every aspect of our lives – home, work, travel, education, finance, health and medical records – to name but a few. On a weekly basis Pete Weiss highlights articles and information that focus on… Continue Reading

FTC Findings on Commercial Surveillance Can Lead to Better Alternatives

EFF: “On September 19, the FTC published a staff report following a multi-year investigation of nine social media and video streaming companies. The report found a myriad of privacy violations to consumers stemming largely from the ad-revenue based business models of companies including Facebook, YouTube, and X (formerly Twitter) which prompted unbridled consumer surveillance practices.… Continue Reading