LATEST POST
Breach exposes 2.9 lakh Bangalore Water Supply and Sewerage Board’ customers’ data
Deccan Herald reports: A major data breach in the Bangalore Water Supply and Sewerage Board’s (BWSSB) application portal for water connection has exposed over 2.90 lakh customer records. The access to these records, including PAN, Aadhaar numbers, payment data and mobile numbers, was put on sale on an underground data leaks forum on the internet […]
‘Dangerous’ Russian hacking group exploits bugs in Microsoft Windows, Firefox browser: What users should do
TOI Tech Desk reports: A Russian-linked hacking group is reportedly exploiting two newly discovered zero-day vulnerabilities. Security researchers have warned that the Russian cybercrime group known as RomCom has been misusing these security flaws to target Firefox and Windows users in Europe and North America. These “zero-click” exploits, identified by security firm ESET, allowed hackers […]
North Dakota Expands Data Security Requirements
Seen on The National Law Review: On April 11, North Dakota enacted HB 1127, overhauling its regulatory framework for financial institutions and nonbank financial service providers. The law amends multiple chapters of the North Dakota Century Code and creates a new data security mandate for financial corporations—a category that includes non-depository entities regulated by the Department of Financial Institutions […]
DragonForce expands ransomware model with white-label branding scheme
Bleeping Computer reports: The ransomware scene is re-organizing, with one gang known as DragonForce working to gather other operations under a cartel-like structure. DragonForce is now incentivizing ransomware actors with a distributed affiliate branding model, providing other ransomware-as-a-service (RaaS) operations a means to carry out their business without dealing with infrastructure maintenance cost and effort. […]
Gallagher hammered in £11 million broker negligence ruling
Broker found at fault over Lloyd’s, Hiscox, QBE policy mess up Insurance Business Magazine reports: Read more at Insurance Business Magazine.
Hackers release millions of files after Oregon DEQ cyberattack
Oregon Public Broadcasting reports: A ransomware group has released over a million files that the group says it stole from the Oregon Department of Environmental Quality. The files appear to include sensitive information about DEQ employees. It’s not clear if private vehicle registration data or other information related to Oregonians who don’t work at DEQ […]
Army Nursing College Website Hacked By Pakistan-Based Hackers, Defaced With Pahalgam Attack Graphics
Jagran reports: The Army College of Nursing website has been allegedly hacked by a Pakistan-based hacker group called Team Insane PK, days after the Pahalgam terror attack in Jammu and Kashmir. The hacker attack took place two days after India announced five strict measures against Pakistan including the suspension of the Indus Waters Treaty and declaring […]
FBI IC3, Verizon DBIR, Google M-Trends reports are out—here are key takeaways
Risky Biz News reports: There are a handful of seminal reports in the cybersecurity industry, and lo and behold, three of them were released on Wednesday. Mandiant’s team, now part of Google Cloud, released M-Trends, Verizon released its Data Breach Investigations Report (aka DBIR), and the FBI Internet Crime Complaint Center (IC3) released its yearly Internet Crime Report [PDF]. […]