Researchers at cybersecurity firm Trend Micro have observed the adoption of a new franchise-based business model by ransomware operators that moves away from the traditional ransomware-as-a-service model. Operators now rebrand a “supplier” ransomware before deployment.

https://www.inforisktoday.co.uk/new-business-model-white-labeling-ransomware-a-17761

New York State AG Letitia James served cease and desist letters to two cryptocurrency lending platforms that her office says engage in “unregistered and unlawful activities.” Three other platforms were told by the OAG to “immediately provide information about their activities and products.”

https://www.inforisktoday.co.uk/nyag-issues-cease-desist-letters-to-2-crypto-platforms-a-17764

Israeli officials say they have fended off a wave of attempted cyberattacks on several hospitals and healthcare entities in recent days, as Hillel Yaffe Medical Center continues to recover from a ransomware attack last week that authorities reportedly suspect was carried out by Chinese hackers.

https://www.inforisktoday.co.uk/more-attempted-cyberattacks-on-israeli-healthcare-entities-a-17762

To mark Cybersecurity Awareness Month, the National Cyber Security Alliance and U.K. based behavioral science and data analytics company, CybSafe, have released their Annual Cybersecurity Attitudes and Behaviors Report 2021, which uncovers key trends, behaviors and habits among tech users.

https://www.inforisktoday.co.uk/positive-security-inspiring-behavioral-change-at-workplace-a-17759

A spate of ransomware incidents affecting the education sector has led to the loss of student coursework, financial records and data relating to COVID-19 testing. Matthew Trump, senior IT security officer for the University of London, U.K., outlines incident response strategies.

https://www.inforisktoday.co.uk/preparing-for-ransomware-attacks-in-education-sector-a-17760

Ransomware attacks are continuing to threaten the U.S. and global healthcare sectors, in part due to many organizations’ high dependency on legacy systems and lack of security resources, says new analysis by federal officials, which also identified the top ransomware gangs hitting the sector.

https://www.inforisktoday.co.uk/analysis-top-ransomware-gangs-targeting-healthcare-sector-a-17755

Social media platform Twitter has suspended two accounts that were being used by members of the DPRK, a North Korean government-backed threat group, according to Adam Weidemann, an analyst with the Google Threat Analysis Group. The accounts allegedly targeted security researchers around the globe.

https://www.inforisktoday.co.uk/twitter-suspends-north-korean-threat-actor-accounts-a-17750

After being targeted by a ransomware attack in March 2021, Acer, one of the world’s largest PC and device makers, has now suffered two further cyberattacks within a week. DESORDEN threat actors are reported to have claimed responsibility for the attacks.

https://www.inforisktoday.co.uk/acer-taiwan-india-hit-in-2nd-3rd-attacks-2021-a-17754

Sinclair Broadcast Group, Inc., which owns or operates 186 television stations across 87 U.S. markets, has been hit with a ransomware attack that has disrupted operations. The company says the attack has impacted its ability to deliver advertisements and certain programming.

https://www.inforisktoday.co.uk/sinclair-tv-stations-targeted-in-weekend-ransomware-attack-a-17753

Accenture says an online attack against it that it first disclosed in August resulted in “the extraction of proprietary information by a third party, some of which was made available to the public by the third party.” The LockBit 2.0 ransomware operation has taken credit for the attack and dumping data.

https://www.inforisktoday.co.uk/accenture-ransomware-attack-breached-proprietary-data-a-17751

A data breach affecting MakerBot’s Thingiverse 3D printing repository website is far bigger than what the company has acknowledged, a former employee claims. Upwards of 2 million users may have been affected by the breach, which left their 3D printers at risk of being hijacked.

https://www.inforisktoday.co.uk/thingiverse-breach-50000-3d-printers-faced-hijacking-risk-a-17749

A former employee of MakerBot says a data breach affecting that company’s Thingiverse 3D printing repository website is far more expansive than what the company is acknowledging. Upwards of two million users may be affected, and 3D printers could have been hijacked.

https://www.inforisktoday.co.uk/thingiverse-breach-50000-3d-printers-could-have-been-hijacked-a-17749

A former employee of MakerBot says a data breach affecting that company’s Thingiverse 3D printing repository website is far more expansive than what the company is acknowledging. Upwards of two million users may be affected, and 3D printers could have been hijacked.

https://www.inforisktoday.co.uk/thingiverse-breach-50000-printers-could-have-been-hijacked-a-17749

The U.S. Department of the Treasury unveiled additional steps to curb the illicit use of cryptocurrencies on Friday, warning enterprises not to engage with sanctioned entities exploiting the financial system - particularly to launder ransomware proceeds.

https://www.inforisktoday.co.uk/treasury-dept-to-crypto-companies-comply-sanctions-a-17744

Researchers at Morphisec Labs have published fresh details about a new MirrorBlast campaign that they say is run by a Russia-based threat group TA505, targeting financial services organizations. The campaign delivers MirrorBlast via a phishing email that contains malicious links.

https://www.inforisktoday.co.uk/mirrorblast-campaign-targets-finance-sector-using-macros-a-17745

U.S. federal agencies issued a joint advisory around potential cyber threats to the nation’s water facilities. They cite “ongoing malicious cyber activity - by both known and unknown actors - targeting the IT and OT technology networks, systems and devices” of U.S. water and wastewater systems.

https://www.inforisktoday.co.uk/us-agencies-to-water-facilities-you-may-be-next-target-a-17741

Government authorities in Israel are warning healthcare sector entities in the country of potential cyberattacks after a ransomware attack this week on Hillel Yaffe Medical Center in the city of Hadera. The hospital said it is “using alternative systems” to care for its patients.

https://www.inforisktoday.co.uk/ransomware-attack-on-israeli-medical-center-raises-alarm-a-17740

In this update, four editors discuss key cybersecurity issues, including addressing the complexity of security, the rising number of victims targeted by double extortion ransomware and the Information Commissioner’s Office’s recent consultation on creating an international data transfer agreement.

https://www.inforisktoday.co.uk/ismg-editors-panel-are-our-systems-too-complex-to-secure-a-17739

A newspaper reporter in Missouri who responsibly reported the exposure of Social Security numbers on a state government website has been accused of malicious hacking by the state’s governor. The governor alleged the publication of the vulnerability after it was fixed was part of a “political vendetta.”

https://www.inforisktoday.co.uk/missouri-refers-coordinated-bug-disclosure-to-prosecutors-a-17737

A free decryptor for BlackByte ransomware has been released by security researchers at Trustwave who cracked the crypto-locking malware’s encryption. But they say that unfortunately, the underlying encryption problem is likely in the process of already being fixed by the malware’s developer.

https://www.inforisktoday.co.uk/blackbyte-free-decryptor-released-for-ransomware-strain-a-17738