Skip to content

Risk

Security and Technology news from various third party sources. All attribution remains the property of the original authors

203 Topics 203 Posts
  • 0 Votes
    1 Posts
    55 Views
    CerberusC

    Gov. Michael L. Parson Alleges Newspaper Reporter Improperly Accessed Data
    A newspaper reporter in Missouri who responsibly reported the exposure of Social Security numbers on a state government website has been accused of malicious hacking by the state’s governor. The governor alleged the publication of the vulnerability after it was fixed was part of a “political vendetta.”

    https://www.inforisktoday.co.uk/missouri-refers-responsibly-reported-bug-to-prosecutors-a-17737

  • 0 Votes
    1 Posts
    49 Views
    CerberusC

    Gov. Michael L. Parson Alleges Newspaper Employee Improperly Accessed Data
    A newspaper employee in Missouri who responsibly reported the exposure of Social Security numbers on a state government website has been accused of malicious hacking by the state’s governor. The governor alleged the publication of the vulnerability after it was fixed was part of a “political vendetta.”

    https://www.inforisktoday.co.uk/missouri-refers-responsible-bug-report-to-prosecutors-a-17737

  • 0 Votes
    1 Posts
    50 Views
    CerberusC

    Bill Would Remove Some Third-Party Content ‘Immunity’ Held by Social Platforms
    Democratic lawmakers on the House Committee on Energy and Commerce announced legislation that would rein in tech algorithms on platforms exceeding 5 million monthly viewers. This follows a high-profile whistleblower case heard before Congress on Facebook’s allegedly questionable data policies.

    https://www.inforisktoday.co.uk/house-lawmakers-announce-bill-targeting-tech-algorithms-a-17736

  • 0 Votes
    1 Posts
    49 Views
    CerberusC

    Focus is on Critical Infrastructure Threats and Clinical Data
    MITRE, the not-for-profit organization that works across governmental and federal agencies, as well as various industrial verticals and academia, has set up The Cyber Infrastructure Protection Innovation Center and The Clinical Insights Innovation Cell to protect healthcare.

    https://www.inforisktoday.co.uk/mitre-launches-centers-to-protect-infrastructure-health-a-17734

  • 0 Votes
    1 Posts
    56 Views
    CerberusC

    Attackers Can Push Code To A Protected Branch
    Researchers at Cider Security have uncovered a security loophole in GitHub Actions that allows adversaries to bypass the required reviews mechanism and push unreviewed code to a protected branch, allowing it into the pipeline to production.

    https://www.inforisktoday.co.uk/flaws-in-github-actions-bypass-code-review-mechanism-a-17733

  • 0 Votes
    1 Posts
    66 Views
    CerberusC

    PII of Nearly 28,000 Members Exfiltrated in June 2020 Hacking Incident
    The American Osteopathic Association has just begun notifying nearly 28,000 individuals about a June 2020 data exfiltration incident involving their personal information. The medical professional organization says workforce challenges during the pandemic led to the notification delay.

    https://www.inforisktoday.co.uk/osteopathic-professional-group-reports-year-old-breach-a-17735

  • 0 Votes
    1 Posts
    55 Views
    CerberusC

    The Data Dump Is Being Broadly Circulated on a Popular Hacking Forum
    Thingiverse, a popular website dedicated to sharing user-created digital design files, has reportedly leaked a 36GB backup file that contains 2.5 million unique email addresses and other personally identifiable information.

    https://www.inforisktoday.co.uk/thingiverse-data-leak-affects-228000-subscribers-a-17729

  • 0 Votes
    1 Posts
    65 Views
    CerberusC

    The Data Dump Is Being Broadly Circulated on a Popular Hacking Forum
    Thingiverse, a popular website dedicated to sharing user-created digital design files, has reportedly leaked a 36GB backup file that contains 2.5 million unique email addresses and other personally identifiable information.

    https://www.inforisktoday.co.uk/thingiverse-data-leak-affects-25-million-subscribers-a-17729

  • 0 Votes
    1 Posts
    55 Views
    CerberusC

    New Criminal Penalties, Assistance to Victims in the Ransomware Action Plan
    Australia plans to require businesses with more than $10 million in revenue to report ransomware attacks to the government, part of a comprehensive strategy to fight the attacks that also includes new criminal penalties and assistance to victims. The plan would need to be passed by Parliament.

    https://www.inforisktoday.co.uk/australia-plans-ransomware-attack-reporting-requirement-a-17731

  • 0 Votes
    1 Posts
    67 Views
    CerberusC

    China, Russia Both Absent from 30-Nation Gathering on the Threat of Ransomware
    The White House National Security Council this week kicked off its international counter-ransomware event with participation from more than 30 nations. This gathering aims to elevate both law enforcement collaboration and diplomatic efforts. Noticeably absent from the summit: Russia.

    https://www.inforisktoday.co.uk/us-convenes-global-ransomware-summit-without-russia-a-17730

  • 0 Votes
    1 Posts
    63 Views
    CerberusC

    Also, NJ AG Smacks Fertility Clinic With Big Fine in Hacking Incident
    A flurry of hacking incidents and other recent breach developments highlight the cyberthreats and risks facing fertility healthcare and other related specialty providers that handle sensitive patient information.

    https://www.inforisktoday.co.uk/fertility-testing-lab-says-ransomware-breach-affects-350000-a-17728

  • 0 Votes
    1 Posts
    57 Views
    CerberusC

    How Many Strikes Should Cybercrime-as-a-Service Customers Get Before Getting Busted?
    Dutch cybercrime police have a message for almost 30 users of an on-demand distributed-denial-of-service site: We see what you’re doing, now cut it out or we’re going to arrest you. Not for the first time, the move shows police in Europe also emphasizing ethical hacking pursuits instead for young adults.

    https://www.inforisktoday.co.uk/dutch-cyber-cops-tell-stresserbooter-customers-cut-out-a-17727

  • 0 Votes
    1 Posts
    47 Views
    CerberusC

    2.4 Tbps Attack Was 140% Higher Than All Recorded Attacks
    Microsoft disclosed that it mitigated a 2.4 Tbps DDoS attack, which was 140% higher in scale than any previously recorded network volumetric event on Azure. The firm and some security experts say that attacks of this magnitude could wreak havoc on targeted companies and are difficult to mitigate.

    https://www.inforisktoday.co.uk/microsoft-says-mitigated-largest-ever-ddos-attack-a-17725

  • 0 Votes
    1 Posts
    66 Views
    CerberusC

    1 Alleged Co-Conspirator Was Employed by Bank of America, TD Bank
    The U.S. Attorney’s Office for the Eastern District of Virginia last week indicted three men - including an ex-employee of Bank of America and TD Bank - with money laundering and aggravated identity theft after the men allegedly conducted an extensive business email compromise scheme.

    https://www.inforisktoday.co.uk/3-men-charged-by-us-doj-laundering-bec-proceeds-a-17726

  • 0 Votes
    1 Posts
    66 Views
    CerberusC

    OMB Memo: Agencies Have 90 Days to Allow CISA to Begin Reviewing EDR Status
    In an effort to bolster endpoint protection within the U.S. government, the White House is ordering federal agencies to allow CISA to access existing deployments. It is also setting timelines for improving the protection of workstations, mobile phones and servers.

    https://www.inforisktoday.co.uk/cisa-to-access-agencies-endpoints-help-enhance-security-a-17723

  • 0 Votes
    1 Posts
    57 Views
    CerberusC

    Accountable Care Organization Says It’s Investigating 2020 Incident
    A compromise of sensitive health information affecting nearly 38,000 individuals discovered nearly a year after a terminated company executive accessed the data spotlights some of the top security and privacy challenges covered entities and business associates face with insiders.

    https://www.inforisktoday.co.uk/former-executive-accessed-phi-nearly-38000-individuals-a-17724

  • 0 Votes
    1 Posts
    74 Views
    CerberusC

    Also, Bitdefender Report Reinforces Need for Cyber Hygiene When Using BYOD
    The UK’s NCSC has published an updated guidance for employees using their personal devices for work. The agency offers technical controls for different types of bring-your-own-device, or BYOD, deployments. And a Bitdefender report stresses the need for good cyber hygiene when using BYOD.

    https://www.inforisktoday.co.uk/uk-cybersecurity-agency-releases-new-byod-guidance-a-17722

  • 0 Votes
    1 Posts
    56 Views
    CerberusC

    Count of Victims - Listed on Leak Sites or Not - Appears To Be Holding Steady
    One measure of the damage being done by ransomware groups continues to be how many victims get listed on ransomware operators’ dedicated data-leak sites, as part of their so-called double extortion tactics. Unfortunately, the number of victims doesn’t appear to be declining.

    https://www.inforisktoday.co.uk/ransomware-no-decline-in-victims-posted-to-data-leak-sites-a-17719

  • 0 Votes
    1 Posts
    63 Views
    CerberusC

    Letter to 4 Departments Asserts that Cryptocurrency Is Enabling These Attacks
    A congressional letter sent to the heads of four federal agencies expressed an urgent need for the Biden administration to continue combating ransomware. This includes a particular focus on the cryptocurrency infrastructure that is enabling these cyberattacks, four Democratic lawmakers say.

    https://www.inforisktoday.co.uk/democratic-lawmakers-urge-agencies-to-act-on-ransomware-a-17716

  • 0 Votes
    1 Posts
    51 Views
    CerberusC

    Mandiant Report Says Threat Actors Deploy Ryuk, Leverage Initial Access Brokers
    A Russian-speaking threat actor group that deploys the Ryuk variant ransomware, leverages initial access brokers, and generally skips double-extortion attempts in favor of fast and higher payout ransoms has been predominately targeting the healthcare sector, warns security firm Mandiant.

    https://www.inforisktoday.co.uk/fin12-ransomware-attacks-aggressively-targeting-healthcare-a-17717