Day: October 8, 2021

Cox Media Group confirms ransomware attack that took down broadcasts

American media conglomerate Cox Media Group (CMG) confirmed that it was hit by a ransomware attack that took down live TV and radio broadcast streams in June 2021. The company acknowledged the attack in data breach notification letters sent today via U.S. Mail to over 800 impacted individuals believed to have had their personal information …

Cox Media Group confirms ransomware attack that took down broadcasts Read More »

Four months later, Cox Media confirms ransomware attack

The Cox Media Group, one of the largest media conglomerates in the US, has formally acknowledged a ransomware attack that crippled and took down live feeds for several TV and radio stations earlier this year, in June. In breach notification letters filed with US state attorneys’ offices this week, CMG acknowledged the incident for the first time after it …

Four months later, Cox Media confirms ransomware attack Read More »

Fancy Bear’s snuffling at Gmail credentials. FIN12’s threat to healthcare, and BlackMatter’s threat to agriculture. REvil tries to reestablish itself in the underworld. Twitch update. Sachkov is charged.

Google warns fourteen-thousand Gmail users that Fancy Bear has probably been after their passwords. FIN12, a fast-running ransomware group, is after hospitals’ and healthcare providers’ money. BlackMatter remains active against the agriculture sector. REvil is back and talking on the RAMP forum, but so far it’s getting a chilly reception. Twitch traces its vulnerability to …

Fancy Bear’s snuffling at Gmail credentials. FIN12’s threat to healthcare, and BlackMatter’s threat to agriculture. REvil tries to reestablish itself in the underworld. Twitch update. Sachkov is charged. Read More »

Netherlands Says Armed Forces May Combat Ransomware Attacks

Officials and Experts Debate Legality, Diplomatic Ramifications of the StatementThe Dutch government says it may use intelligence agencies or military services to counter cyberattacks – including ransomware attacks – that threaten the country’s national security. This comes in a letter from Dutch Minister of Foreign Affairs Ben Knapen in response to a parliamentary inquiry.Read more

Nobelium Makes Russia Leader in Cyberattacks

Microsoft: 58% of Attacks Reported Worldwide Originated From RussiaMicrosoft, in its annual threat review report, Digital Defense, says 58% of cyberattacks worldwide over the past year originated in Russia. And 92% of the Russia-based threat activity came from the nation-state threat group Nobelium.Read more

What Is Data Protection and Why Does it Matter?

Data is at the center of business. For many organizations, digital adoption drives strategy. Data is essential to meeting customer needs, responding to sudden market shifts and unforeseen events. That’s why data protection should be on your mind. Enterprises generate large amounts of data from multiple sources. The sheer volume and detail of enterprise data …

What Is Data Protection and Why Does it Matter? Read More »

Brewer’s Token Gaffe Causes Massive PII Breach

Brewer’s Token Gaffe Causes Massive PII Breach An authentication error left the personal data of hundreds of thousands of BrewDog customers and Equity for Punks shareholders exposed for a year and a half.  The gaffe involving an API bearer token was discovered by researchers at security consulting and testing company Pen Test Partners.  "Every mobile app user was …

Brewer’s Token Gaffe Causes Massive PII Breach Read More »

Aligning Security and Privacy Using the NIST Risk Management Framework

For too long, companies have made the mistake of separating privacy and security regulation. This has led to numerous security gaps that cybercriminals have exploited and ransomware attacks, like the SolarWinds or Colonial Pipeline attacks, which have shut down critical infrastructure industries and risked the security of millions. By integrating the management of security and …

Aligning Security and Privacy Using the NIST Risk Management Framework Read More »

Google Exec Calls on Apple To Adopt Better, More Secure Text Messaging

Google executive Hiroshi Lockheimer has called on Apple to adopt the Rich Communication Services (RCS) protocol that would enable improved and more secure messaging between iPhone and Android devices. From a report: RCS brings a number of modern features — including support for audio messages, group chats, typing indicators and read receipts — and end-to-end …

Google Exec Calls on Apple To Adopt Better, More Secure Text Messaging Read More »

NSO Pegasus spyware can no longer target UK phone numbers

SurveillanceNSO Pegasus spyware can no longer target UK phone numbers Israeli maker of surveillance software blocked +44 code after detecting hack against Princess Haya, source says Dan Sabbagh Defence and security editorFri 8 Oct 2021 13.53 EDT Last modified on Fri 8 Oct 2021 13.54 EDT The powerful spyware used to hack into mobile phones …

NSO Pegasus spyware can no longer target UK phone numbers Read More »

Over 14,000 Gmail users fall victim to Russian government-sponsored phishing campaign

Through a letter sent via email, Google has notified some 14,000 Gmail users that during the past months they could have been the target of a sophisticated spear phishing campaign operated by a hacking group identified as APT28. The letter is signed by Shane Huntley, director of the Google Threat Analysis Group. Huntley emphasizes the …

Over 14,000 Gmail users fall victim to Russian government-sponsored phishing campaign Read More »

Citizen Lab researcher disputes claims from NSO Group after UK court finds UAE ruler used Pegasus to hack ex-wife, lawyers

A member of the team at the University of Toronto’s Citizen Lab is questioning the actions of controversial Israeli spyware firm NSO Group in the case of Princess Haya bint al-Hussein, who had her devices and the devices of her lawyers hacked amid a UK custody battle with Sheikh Mohammed bin Rashid al-Maktoum, ruler of …

Citizen Lab researcher disputes claims from NSO Group after UK court finds UAE ruler used Pegasus to hack ex-wife, lawyers Read More »

California Enacts Genetic Information Privacy Act

genetic information state policy California Enacts Genetic Information Privacy Act This week, Governor Gavin Newsom signed the California Genetic Information Privacy Act, which had been passed unanimously by the California Senate and Assembly in September. The Act requires direct-to-consumer genetic testing companies to provide consumers with certain information regarding the company’s policies and procedures for …

California Enacts Genetic Information Privacy Act Read More »

Principles of Sustainable Cybersecurity

Deepayan Chanda Discusses Reliability, Accuracy, Architecture and ResiliencyDeepayan Chanda discusses the four principles of cybersecurity – reliability, accuracy, architecture and resiliency – that he believes cover most of the aspects of how CISOs can maintain the level of cybersecurity that their organzations need to sustain attacks.Read more

Data Breach Reports Rise as Supply Chain Attacks Surge

US Breach Notification Transparency Declining, Identity Theft Resource Center WarnsThe number of breach reports filed by U.S. organizations looks set to break records, as breaches tied to phishing, ransomware and supply chain attacks keep surging, the Identity Theft Resource Center warns. It says that there’s also been a rise in tardy breach notifications containing little …

Data Breach Reports Rise as Supply Chain Attacks Surge Read More »

Intuit warns QuickBooks customers of ongoing phishing attacks

Intuit has warned QuickBooks customers that they are targeted by an ongoing phishing campaign impersonating the company and trying to lure potential victims with fake renewal charges. The company said it received reports from customers that they were emailed and told that their QuickBooks plans had expired. “This email did not come from Intuit. The sender is not …

Intuit warns QuickBooks customers of ongoing phishing attacks Read More »