Unconventional Move: ALPHV Ransomware Group Files SEC Complaint Against Its Own Victim

The ransomware collective ALPHV, also known as “BlackCat,” has lodged an official complaint with the US Securities and Exchange Commission (SEC), alleging that a recent target failed to adhere to newly enforced disclosure regulations.

Insiders from ALPHV disclosed that on November 7, they effectively breached the digital lending service provider MeridianLink, extracting files without encrypting them. However, apart from an initial interaction, the highly active threat actor refrained from engaging in negotiations concerning the pilfered data.

Despite the bold move by ALPHV, they may face challenges with the SEC for two reasons. Firstly, MeridianLink has stated that they are unsure if consumer personal information was compromised, and their investigation has found no evidence of unauthorized access. The nature of the data stolen by ALPHV may determine its materiality according to SEC guidelines. Secondly, the SEC’s classification of the breach as “material” will be crucial in assessing its significance and impact based on the specific language used.

Read:
https://www.darkreading.com/risk/alphv-ransomware-group-files-sec-complaint-against-own-victim

Trump Media & Technology Group Corp Files Lawsuit Against 20 Major Media Companies Over Coordinated Media Attack

Trump Media & Technology Group Corp, the owner of the Truth Social platform, has filed a lawsuit against 20 major media companies, including The Guardian, The Hollywood Reporter, and The Miami Herald, among others. The lawsuit, filed in the Circuit Court of the Twelfth Judicial Circuit in Sarasota County, Florida, alleges a coordinated media attack involving false reporting of a $73 million loss by TMTG.

TMTG accuses the defendants of fabricating a $73 million loss figure, citing a Securities and Exchange Commission (SEC) filing that does not contain such information. “This number was an utter fabrication,” states the complaint, highlighting that each defendant reported the same false number, supposedly based on the SEC filing.

The lawsuit suggests a deliberate attempt to harm TMTG and Truth Social’s reputation and financial standing, potentially impacting a significant merger between Digital World Acquisition Corporation (DWAC) and TMTG. “This was a coordinated effort to damage TMTG’s reputation, degrade the firm’s financial standing, freeze its access to capital, and torpedo the anticipated merger,” the complaint reads.

The lawsuit seeks compensatory, special, and punitive damages, along with an injunction against further publication of the defamatory statements, totaling $1.5 billion. TMTG asserts that the defendant’s actions were knowingly, intentionally, willfully, wantonly, and maliciously executed.

Read:
https://reclaimthenet.org/truth-social-company-sues-media-outlets-for-defamation

Canadian Police and Military Suffer Data Breach via Attack on Third-Party Moving Companies

The Canadian government has announced that information pertaining to its employees and to military and police personnel was exposed in a data breach at third-party service providers. The incident involved Brookfield Global Relocation Services (BGRS) and Sirva Canada, two moving and relocation services firms contracted by the Canadian government to provide relocation support to employees.

After the data breach was discovered on October 19, the government immediately launched an investigation into the matter, informing the Centre for Cyber Security, the Office of the Privacy Commissioner, and the Royal Canadian Mounted Police.

According to the Canadian government, the data breach impacts the personal information of present and former public service employees, as well as members of the Canadian Armed Forces and Royal Canadian Mounted Police.

“Preliminary information indicates that breached information could belong to anyone who has used relocation services as early as 1999 and may include any personal and financial information that employees provided to the companies,” the government says in an incident notification. No specific number of affected individuals has been provided yet, and the government says it has yet to identify who was impacted.

Prior to concluding the investigation into the incident, however, potentially impacted individuals are being offered credit monitoring services and the option to be reissued valid passports that might have been compromised.

Read:
https://www.securityweek.com/canadian-military-police-impacted-by-data-breach-at-moving-companies/

British Library Latest Victim of Rhysida Ransomware Attack

In late October, the British Library first disclosed it was experiencing an unspecified cybersecurity incident that caused a “major technology outage” across its sites in London and Yorkshire. These attacks downed the library’s website, phone lines, and on-site services, such as visitor Wi-Fi and electronic payments.

Two weeks on, the outage is still continuing. However, the organization has now confirmed the disruption is the result of a ransomware attack launched “by a group known for such criminal activity.” The British Library said that some internal data has leaked online, which “appears to be from our internal HR files.”

This confirmation comes hours after the British Library was listed on the dark web leak site of the Rhysida ransomware gang. The listing, seen by TechCrunch, claimed responsibility for the cyberattack and threatened to publish data stolen from the British Library unless it paid a ransom demand. The gang demanded more than $740,000 worth of bitcoin at the time of writing.

Rhysida hasn’t said how much or what types of data it has stolen from the British Library, but samples of the data shared by the gang appear to include employment documents and passport scans.

Last week, Rhysida was the subject of a joint CISA and FBI advisory, which warned that the group leverages external-facing remote services, such as VPNs, to compromise organizations across the education, IT, and government sectors. The advisory also warned that Rhysida, which was first observed in May, shares overlaps with the Vice Society ransomware gang, a hacking group known for ransomware extortion attacks on healthcare and educational organizations.

In a statement on Monday shared on X (formerly Twitter), the British Library said it has “no evidence” that the data of its customers was compromised but is recommending that users change their passwords as a “precautionary measure,” particularly if customers use the same passwords across multiple services.

Read:
https://techcrunch.com/2023/11/20/british-library-employee-data-stolen-ransomware-attack/

Elon Musk Keeps His Promise and Files Lawsuit Against Media Matters, Urging Users to Reject Manipulation

In response to suspicions of fraudulent behavior, the Office of the Attorney General (“OAG”) is commencing an investigation into Media Matters. Under the Texas Business Organizations Code and the Deceptive Trade Practices Act, the OAG is determined to enforce stringent measures against non-profit entities engaged in fraudulent actions that affect or take place within the state of Texas.

Elon Musk announces plans to file a lawsuit against Media Matters for distorting the user experience on his platform, X. The announcement triggers skepticism and discussions among users, with some questioning Musk’s credibility.

In its pursuit to discourage advertisers on X, Media Matters has employed fresh strategies. By manipulating the user experience algorithms, Media Matters circumvented safeguards and deliberately presented images of X’s major advertisers’ paid posts alongside racist and incendiary content, creating a misleading perception of intentional associations. These pairings were fabricated, unnatural, and exceptionally uncommon.

Read:
https://www.zerohedge.com/political/dont-be-manipulated-stand-x-elon-promised-x-files-suit-against-media-matters

Elsewhere Online:

Massive Data Breach: Over 77 Million Individuals Impacted in MOVEit Security Incident
Read: https://www.gdatasoftware.com/blog/2023/11/37822-agent-tesla-zpaq

Ukraine Dismisses Two Senior Cyber Officials in Response to Corruption Investigation
Read: https://www.infosecurity-magazine.com/news/ukraine-sacks-two-senior-cyber/

SafetyDetectives Analysis Reveals Leaked Vaccination Records of Over 2M Turkish Citizens are Legitimate
Read: https://www.hackread.com/hacker-leaks-turkish-citizens-vaccination-records/

New Agent Tesla Malware Delivers Lure Files with ZPAQ Compression to Harvest Client and Browser Data
Read: https://thehackernews.com/2023/11/new-agent-tesla-malware-variant-using.html

Deceptive Browser Updates Unleash Infostealer Threat on Mac Computers
Read: https://www.darkreading.com/attacks-breaches/threat-actor-using-fake-browser-updates-to-distribute-mac-infostealer

Previously on #AxisOfEasy