In der #Schweiz hat es das erste #Gerichtsurteil zu den Pflichten des Arbeitgebers bei einem #Cyberangriff gegeben. Nachdem der Pharma-Konzern "Siegfried" 2021 von einem #Ransomware-Vorfall betroffen war, stellte sich die Frage, ob die Mitarbeiter die infolge des IT-Ausfalls nicht geleistete Arbeitszeit nachholen müssen.

Dagegen klagte nun ein betroffener #Arbeitnehmer und bekam vor einem Schweizer Obergericht Recht: Cyberangriffe sind #Betriebsrisiken des Arbeitgebers.

https://www.aargauerzeitung.ch/aargau/zofingen/zofingen-siegfried-verliert-vor-obergericht-abgezogene-arbeitsstunden-muessen-gutgeschrieben-werden-ld.2808123

In der #Schweiz hat es das erste #Gerichtsurteil zu den Pflichten des Arbeitgebers bei einem #Cyberangriff gegeben. Nachdem der Pharma-Konzern "Siegfried" 2021 von einem #Ransomware-Vorfall betroffen war, stellte sich die Frage, ob die Mitarbeiter die infolge des IT-Ausfalls nicht geleistete Arbeitszeit nachholen müssen.

Dagegen klagte nun ein betroffener #Arbeitnehmer und bekam vor einem Schweizer Obergericht Recht: Cyberangriffe sind #Betriebsrisiken des Arbeitgebers.

https://www.aargauerzeitung.ch/aargau/zofingen/zofingen-siegfried-verliert-vor-obergericht-abgezogene-arbeitsstunden-muessen-gutgeschrieben-werden-ld.2808123

¯⁠\⁠_⁠(⁠ツ⁠)⁠_⁠/⁠¯

｢ The information stolen includes demographic data, names, addresses, dates of birth, Social Security numbers, health insurance information and other clinical information like health conditions, dialysis lab test results and treatment information ｣

#ransomware #databreach #cybersecurity
https://therecord.media/davita-dialysis-company-ransomware-attack-data-breach-notifications

Finally!

> [UK] Public sector bodies and operators of critical national infrastructure, including the NHS, local councils and schools [are to] be banned from paying ransom demands to criminals

and

> businesses not covered by the ban would be required to notify the government of any intent to pay a ransom

https://www.gov.uk/government/news/uk-to-lead-crackdown-on-cyber-criminals-with-ransomware-measures

#ransomware #cybersecurity #uk

M&S head Archie Norman won’t say if he authorized #DragonForce #ransomware hacker payday.

British shopping titan M&S is still dealing with the mess caused by April’s #ransomware attack. There’s at least three months more work ahead says the firm’s chairman, Archie Norman (pictured).

But there are persistent rumors M&S paid #ScatteredSpider’s ransom demand. In #SBBlogwatch, Norman will neither confirm nor deny.

@TheFuturumGroup @TechstrongGroup @SecurityBlvd: https://securityboulevard.com/2025/07/marks-spencer-archie-norman-ransom-richixbw/

M&S head Archie Norman won’t say if he authorized #DragonForce #ransomware hacker payday.

British shopping titan M&S is still dealing with the mess caused by April’s #ransomware attack. There’s at least three months more work ahead says the firm’s chairman, Archie Norman (pictured).

But there are persistent rumors M&S paid #ScatteredSpider’s ransom demand. In #SBBlogwatch, Norman will neither confirm nor deny.

@TheFuturumGroup @TechstrongGroup @SecurityBlvd: https://securityboulevard.com/2025/07/marks-spencer-archie-norman-ransom-richixbw/

⚠️ IT company Ingram Micro says ransomware targeted internal systems

｢ The company reported $48 billion in sales over the last fiscal year through its position as a connector between organizations and technology manufacturers that provide hardware, software and cloud services. Ingram Micro has more than 50 offices across the Americas, Europe, Asia and the Middle East ｣

#ransomware #cyberattack #cybersecurity
https://therecord.media/ingram-micro-ransomware-attack

Ingram Micro have filed an 8-K for ransomware.

Some incredible wordsmithing here - rather than say when the incident began, they say when they issued a press release. Which was days later than when the incident began. I think this is because they missed SEC reporting deadlines.

https://www.sec.gov/ix?doc=/Archives/edgar/data/1897762/000162828025034372/ingm-20250705.htm

#ransomware

"Britain’s drug gangs and Moscow’s hackers were just two nodes in a vast criminal super-network [that] included sanctioned oligarchs, Russian intelligence operatives and an Irish crime family."

(and of course that network also now includes the #Trump administration, because Howard Lutnick is/was Tether's money manager)

* #TheEconomist: https://www.economist.com/1843/2025/07/04/how-tether-became-money-launderers-dream-currency
* no paywall: https://archive.ph/NiCRD

#moneylaundering #crime#corruption #crypto #cryptocurrency #iran #russia #uspol#howardLutnick #economist #economics #finance #uk #ukpol #garantex #threatintel #ransomware #cybersecurity #vladimirputin #oligarchs #putin #ukraine #kinahans #kinahan

2 and a bit days in and Ingram Micro still haven’t admitted what is happening, instead saying “Maintenance”

They’re both a large MSP and MSSP who sell anti-ransomware services.

#threatintel #ransomware

Bleeping Computer confirms: https://www.bleepingcomputer.com/news/security/ingram-micro-outage-caused-by-safepay-ransomware-attack/

#threatintel #ransomware

"Britain’s drug gangs and Moscow’s hackers were just two nodes in a vast criminal super-network [that] included sanctioned oligarchs, Russian intelligence operatives and an Irish crime family."

(and of course that network also now includes the #Trump administration, because Howard Lutnick is/was Tether's money manager)

* #TheEconomist: https://www.economist.com/1843/2025/07/04/how-tether-became-money-launderers-dream-currency
* no paywall: https://archive.ph/NiCRD

#moneylaundering #crime#corruption #crypto #cryptocurrency #iran #russia #uspol#howardLutnick #economist #economics #finance #uk #ukpol #garantex #threatintel #ransomware #cybersecurity #vladimirputin #oligarchs #putin #ukraine #kinahans #kinahan

Cybercrime: Lösegeldverhandler zwackte sich wohl Provisionen ab

Ein für das Aushandeln von Lösegeld bei aussichtslosen Ransomware-Vorfällen angestellter Experte hat sich wohl Provisionen zahlen lassen.

https://www.heise.de/news/Cybercrime-Loesegeldverhandler-zwackte-sich-wohl-Provisionen-ab-10474413.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Cybercrime#IT#Ransomware#Security #news

Cybercrime: Lösegeldverhandler zwackte sich wohl Provisionen ab

Ein für das Aushandeln von Lösegeld bei aussichtslosen Ransomware-Vorfällen angestellter Experte hat sich wohl Provisionen zahlen lassen.

https://www.heise.de/news/Cybercrime-Loesegeldverhandler-zwackte-sich-wohl-Provisionen-ab-10474413.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Cybercrime#IT#Ransomware#Security #news

Espionage 🤝 Cybercrime :: TA829 🤝 UNK_GreenSec

Our extensive visibility into the threat landscape has led us to conclude that there is very likely a link between TA829 (a cybercriminal actor also conducting #espionage in line with Russian state interests) & UNK_GreenSec (a #cybercriminal cluster observed deploying #malware and #ransomware).

See our research blog for a technical analysis of the intriguing overlap between the threat actor clusters. https://brnw.ch/21wTN3n

🐨 Australian ransomware victims now must tell the government if they pay up

“The Australian Institute of Criminology indicates that only one in five victims of a ransomware attack report the attack. As a result, government lacks visibility of the economic and social impact of ransomware in Australia.”

https://therecord.media/australia-ransomware-victims-must-report-payments

#ransomware #australia #cybersecurity