LATEST POST
Law enforcement takes down LockBit3.0 site and infrastructure; free decryptor available
When law enforcement takes down what has been described as the biggest and longest-running ransomware-as-a-service (RaaS) criminal operation, it’s big news. Yesterday, LockBit3.0’s site was replaced with a seizure notice that indicated that LockBit and its infrastructure were now under law enforcement control. In a press release this morning, the National Crime Agency (NCA) provided […]
US and partners kicked Russian GRU hackers out of routers, FBI says
The Record reports: The U.S. and partners around the world ousted Russian government hackers from a network of more than 1,000 home and small business routers, FBI Director Christopher Wray said on Thursday. The law enforcement action, dubbed Operation Dying Ember, has not been previously announced. “Working with U.S. and worldwide law enforcement partners we […]
Cybercriminals are stealing Face ID scans to break into mobile banking accounts
The Register reports: Cybercriminals are targeting iOS users with malware that steals Face ID scans to break into and pilfer money from bank accounts – thought to be a world first. A Chinese-speaking cybercrime group, dubbed GoldFactory by Group-IB’s researchers, started distributing trojanized smartphone apps in June 2023, however, the latest GoldPickaxe version has been […]
The Pentagon is notifying individuals affected by 2023 email data breach
GovExex reports: The Defense Department is notifying some 26,000 individuals who were impacted by a data breach that was linked to a now secured server whose contents were released online last year, a spokesperson confirmed to Nextgov/FCW. The Pentagon’s Defense Intelligence Agency on Feb. 1 issued a notice to those affected — including current and former employees — […]
New Jersey law enforcement officers sue data brokers who didn’t remove their personal info
The Record reports 118 class action lawsuits have been filed against data brokers who allegedly failed to respond to requests from New Jersey law enforcement personnel who requested their personal information be removed from the internet. Daniel’s Law, named for Daniel Anderl, the son of Judge Esther Salas and Mark Anderl, who was murdered by […]
TCS issues final ultimatum to remote employees: come back to the office by March
People Matters reports: Tata Consultancy Services (TCS) issued a final ultimatum to employees currently working remotely, instructing them to return to the office by March. Although the IT giant has extended the deadline to the next month, non-compliance is warned to result in severe consequences. According to India Today, NG Subramaniam, TCS’s chief operating officer, […]
FCC Updates Security Breach Rules for Telecommunications Service Breaches
In honor of Privacy Day, Steven A. Augustino and Jack Pringle of Nelson Mullins have highlighted new security breach rules promulgated by the Federal Communications Commission (FCC). Their article begins by pointing out something also noted in the healthcare sector, where increasing concurrent jurisdiction increases the number of federal and state regulations entities must comply […]
Do you know what your cyber policy covers? (Southwest Airlines v. Liberty Insurance Underwriters)
An article by attorneys at Barnes & Thornburg LLP discusses a court case that serves as a useful reminder of how provisions of cyber policies may be interpreted when it comes to coverage of cyber-related incidents — even when those incidents are not data breaches. In 2016, Southwest Airlines suffered a computer system failure that […]