LATEST POST
Department of Homeland Security Pushes for Common Cyber Incident Reporting Definitions
The U.S. Department of Homeland Security has released a report, “Harmonization of Cyber Incident Reporting to the Federal Government.” The report, which was released on Sept. 19, notes that there are currently dozens of cyberattack reporting requirements at the federal level. DHS is seeking to come up with a manageable and solution: … this report […]
UnitedLex faces potential class action over data breach
In August, The Data Breach Times reported a data breach involving UnitedLex that raised questions about their security and incident response. The article also noted a lawsuit that was filed by a former employee. This week, the Kansas City Business Journal reports another lawsuit stemming from that breach. This one reportedly: accuses UnitedLex of negligence […]
Lazarus Group Exploits ManageEngine Vulnerability
HC3: Sector AlertTLP:CLEARReport: 202309181700 Executive Summary Cisco Talos has published an open-source report regarding the North Korean state-sponsored actor, the Lazarus Group, reported to be targeting internet backbone infrastructure and healthcare entities in Europe and the United States. The attackers have been exploiting a vulnerability in ManageEngine products, which is tracked as CVE-2022-47966. This vulnerability […]
MultiCare Health System Gets Unions’ Kronos Pay Case Win Overturned on Appeal
Bloomberg Law reports that MultiCare Health System will get another chance to avoid liability for attempts to recoup wage overpayments in litigation following a hack of its vendor timekeeping system Kronos in 2021. With the timekeeping system not functioning due to a ransomware attack, many firms wound up using old wage statements or other methods […]
War crimes tribunal International Criminal Court says it has been hacked
Reuters reports: The International Criminal Court (ICC) said on Tuesday its computer system had been hacked, a breach at one of the world’s most high-profile international institutions and one that handles highly sensitive information about war crimes. The ICC said it had detected unusual activity on its computer network at the end of last week, […]
Web Hoster Must Defend Hacking Lawsuit by Client, Judge Rules
According to a report by Bloomberg Law, e-commerce services vendor Freestyle Solutions Inc. failed to convince a federal court judge in New Jersey to totally dismiss a lawsuit by Penn LLC (PulseTV). The lawsuit stemmed from a data breach affecting more than 236,000 customers of PulseTV whose payment card data was compromised in a breach that continued […]
Victims of MOVEit breach continue to emerge
One of the biggest breaches of 2023 involves the 0-day attack by Clop threat actors on file transfer software called MOVEit by Progress Software. The attack was launched in May and June. It affected more than 1,100 entities and more than 56 million people according to statistics compiled by Emsisoft. One of the most recent […]
Analyst: MGM losing $4.2M-$8.4M a day because of cyberattack
MGM Resorts International could be losing between $4.2 million and $8.4 million in daily revenue and around $1 million in cash flow every day it’s under a cyberattack, a gaming industry analyst said in a Sunday report to investors. David Katz, an equity analyst with New York-based Jefferies Group, in a weekly report on gaming, […]