REvil ransomware shuts down again after Tor sites were hijacked

Lawrence Abrams reports: The REvil ransomware operation has likely shut down once again after an unknown person hijacked their Tor payment portal and data leak blog. The Tor sites went offline earlier today, with a threat actor affiliated with the REvil operation posting to the XSS hacking forum that someone hijacked the gang’s domains....

Acer under fire: Now hackers claim to have hit Acer Taiwan, too

DESORDEN threat actors are still going after Acer, it seems. In addition to their recent revelation that they exfiltrated 60 GB of data from Acer India — a breach that Acer confirmed — they have alerted DataBreaches.net that they have also successfully attacked Acer in Taiwan. In a statement to DataBreaches.net, the threat actors...

Twitter suspends two accounts used by DPRK hackers to catfish security researchers

Catalin Cimpanu reports: Twitter has suspended today two accounts operated by North Korean government hackers and used as part of a clever plot to attract security researchers to malicious sites and infect their systems with malware. The accounts — @lagal1990 and @shiftrows13 — are part of a long-lived DPRK cyber-espionage campaign that began last year and specifically targets...

US Treasury said it tied $5.2 billion in BTC transactions to ransomware payments

Catalin Cimpanu reports: The financial crimes investigation unit of the US Treasury Department, also known as FinCEN, said today it identified approximately $5.2 billion in outgoing Bitcoin transactions potentially tied to ransomware payments. FinCEN officials said the figure was compiled by analyzing 2,184 Suspicious Activity Reports (SARs) filed by US financial institutions over the...

Quebec’s Bill 64 Introduces Unique Cyber Incident Reporting Obligations

Charles S. Morgan, Ellen Yifan Chen, and Philippe April of McCarthy Tétrault LLP write: The Act to Modernize Legislative Provisions respecting the Protection of Personal Information (“Bill 64” or the “Bill”) received royal assent on September 22, 2021, introducing new obligations for private sector businesses in Québec phased over the course of three years. It is...

UK: Schools email marketing company told us to go away when we told them of exposed database creds, say infoseccers

Gareth Corfield reports: An email marketing company claiming to hold details on a million UK teachers and school admin personnel was potentially exposing those to the public internet thanks to a misconfigured error page on its website. Not only that, but the Schools Marketing Company (SMC) seemingly dismissed the findings of the infosec company...