<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Blackcat on CuraSec</title><link>https://curasec.metacog.co.kr/tags/blackcat/</link><description>Recent content in Blackcat on CuraSec</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Sat, 11 Jul 2026 11:49:48 +0000</lastBuildDate><atom:link href="https://curasec.metacog.co.kr/tags/blackcat/index.xml" rel="self" type="application/rss+xml"/><item><title>Former ransomware negotiator sentenced 70 months for BlackCat attacks</title><link>https://curasec.metacog.co.kr/insights/2026-07-11-former-ransomware-negotiator-gets-4-years-for-blackcat-attac/</link><pubDate>Sat, 11 Jul 2026 11:49:48 +0000</pubDate><guid>https://curasec.metacog.co.kr/insights/2026-07-11-former-ransomware-negotiator-gets-4-years-for-blackcat-attac/</guid><description>&lt;ul>
&lt;li>&lt;strong>Engineer — Skip&lt;/strong>&lt;/li>
&lt;li>&lt;strong>SOC/IR — Learn:&lt;/strong> Insider-threat angle is notable: attacker was a trusted IR professional with access to victim environments, illustrating how responders can become adversaries — relevant context for vetting IR vendors and monitoring privileged access during incidents.&lt;/li>
&lt;li>&lt;strong>Leader — Learn:&lt;/strong> The case highlights vendor-risk and insider-threat exposure when engaging external IR firms — useful framing for board discussions on third-party access controls and contractual accountability during incident response engagements.&lt;/li>
&lt;/ul></description></item></channel></rss>