Commentaries and Analyses

Inside “Phobos” Ransomware: “Dharma” Past & Underground

Bridgit Sullivan writes: Phobos is a type of Advanced Encryption Standard (AES) ransomware that was first seen in October 2017 but became increasingly active in 2019. Also referred to as Phobos NextGen or Phobos Not Dharma, Phobos ransomware is extremely similar to the Dharma and Crysis ransomware family due to the same Dharma codebase....

VA sending letter to 1,501 Montana vets about business associate ransomware incident

The Great Falls Tribune reports: The U.S. Department of Veterans Affairs Veterans Health Administration on Thursday announced actions taken to protect veterans’ personal information following a recent privacy breach involving files from the Montana VA Health Care System. Officials said they were notified June 4, by former contractor Benefits Recovery Specialists Inc. of “a...

Inside REvil Extortionist “Machine”: Predictive Insights

A new paper by AdvIntel is out, and it looks at the psychology of REvil, something that is obviously of great interest to me: We have investigated REvil’s discourse and behavior by applying the methodologies and concepts of criminal psychology to identify the group’s unique characteristics revealed by their recent involvement in large, ethically...

No-Log VPNs Exposed Users’ Logs and Personal Details for All to See

Ugh. vpnMentor reports: A group of free VPN (virtual private network) apps left their server completely open and accessible, exposing private user data for anyone to see. … Each of these VPNs claims that their services are “no-log” VPNs, which means that they don’t record any user activity on their respective apps. However, we found...