Researchers say the exposed database belonged to GetHealth.io, a firm that appears to have recently taken down its website.

Researchers: 61M Health IoT Device User Records Exposed

Marianne Kolbasuk McGee • September 14, 2021

An unsecured database belonging to an apparently recently defunct firm exposed 61 million records of wearable health and fitness device users on the internet, say the security researchers who discovered the non-password-protected database in cooperation with the WebsitePlanet research team.

►

Endpoint Security

Israeli Government Visits NSO Group Amid Spyware Claims

Latest

Cybercrime

Good News: REvil Ransomware Victims Get Free Decryptor

Mathew J. Schwartz • September 17, 2021

Score one for the good guys in the fight against ransomware: Anyone who fell victim to REvil, aka Sodinokibi, crypto-locking malware before July 13 can now decrypt their files for free, thanks to a decryptor released by security firm Bitdefender.

Business Continuity Management / Disaster Recovery

Is Grief's Threat to Wipe Decryption Key Believable?

Doug Olenick • September 16, 2021

Regarding the recent tactical innovation by the Grief ransomware gang that is threatening to wipe a victim's data and decryption key if the victim engages a ransom negotiator, analysts are calling this a desperate ploy to scare a target into paying the ransom demand.

Breach Notification

FTC: Health App, Device Makers Must Report Breaches

Marianne Kolbasuk McGee • September 16, 2021

The FTC warns makers of personal health records, mobile health apps, fitness devices and a variety of similar products and services that they will face stiff civil monetary penalties for failure to comply with the commission's 12-year-old - but never-yet enforced - Health Breach Notification Rule.

Access Management

Microsoft Fully Ditches the Password

Doug Olenick • September 15, 2021

Microsoft has officially gone fully passwordless, allowing Windows users to replace their alphanumeric passwords with one of several substitute sign-in technologies to gain entry into a Microsoft product - a move received positively by industry insiders.

3rd Party Risk Management

Top Initial Attack Vectors: Passwords, Bugs, Trickery

Mathew J. Schwartz • September 14, 2021

The top three tactics attackers have been using to break into corporate and government networks are brute-forcing passwords, exploiting unpatched vulnerabilities, and social engineering via malicious emails, says security firm Kaspersky in a roundup of its 2020 incident response investigations.

Cybercrime

Bad News: Innovative REvil Ransomware Operation Is Back

Mathew J. Schwartz • September 13, 2021

Security experts say the notorious REvil - aka Sodinokibi - ransomware-as-a-service operation, which went dark in July, appears to be back in business. The group's data leak site and payment portal are back online, and one expert says the group appears to have begun amassing new victims.

3rd Party Risk Management

SolarWinds Attack Spurring Additional Federal Investigations

Scott Ferguson • September 10, 2021

Nine months after discover of the attack that targeted SolarWinds and clients of its network monitoring tool, the incident continues to spur investigations into what happened. The SEC is reportedly probing those businesses involved, and lawmakers want answers about the breach of DOJ emails.

Blockchain & Cryptocurrency

ISMG Editors' Panel: Ransomware Affiliates Seek New Gangs

Anna Delaney • September 10, 2021

In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including how ransomware affiliates change operators and why terrorists aren't launching massive cyberattacks.

Cybercrime

Ransomware: Hot or Not? Here's Attackers' Ideal Target

Anna Delaney • September 10, 2021

The latest edition of the ISMG Security Report features an analysis of the most sought-after type of victim for ransomware-wielding attackers. Also featured: fighting extortion schemes and stress management tips.

Breach Notification

Ransomware Stopper: Mandatory Ransom Payment Disclosure

Mathew J. Schwartz • September 10, 2021

"Silence is gold." So says ransomware operator Ragnar Locker, as it attempts to compel victims to pay its ransom demand without ever telling anyone - especially not police. But some ransomware-battling experts have been advocating the opposite, including mandatory reporting of all ransom payments.

Cybercrime

Groove Promises Maximum Profits for Ransomware Affiliates

Mathew J. Schwartz • September 9, 2021

Apparent Babuk ransomware operation spinoff Groove, self-described as being an "aggressive financially motivated criminal organization," has launched as part of the new RAMP cybercrime forum, and is promising affiliates a bigger share of profits than traditional ransomware-as-a-service operations.

Application Security

Zero-Day Attacks Exploit MSHTML Flaw in Microsoft Windows

Mathew J. Schwartz • September 8, 2021

Attackers are actively exploiting a flaw in Microsoft Windows for which no patch is yet available. Microsoft has issued workarounds and mitigations designed to block the zero-day attack for the flaw in the MSHTML browsing engine, which is being exploited via malicious Microsoft Office documents.