LATEST POST
Patch now: Cisco fixes critical 9.9-rated, make-me-admin bug in Meeting Management
Another day, another critical patch. The Register reports: Cisco has pushed a patch for a critical, 9.9-rated vulnerability in its Meeting Management tool that could allow a remote, authenticated attacker with low privileges to escalate to administrator on affected devices. Cisco Meeting Management is the management software for the tech giant’s on-premises video meeting platform. […]
PowerSchool data breach a ‘statewide issue,’ more than 300,000 teachers had SS number exposed
On December 28, PowerSchool discovered that its Student Information System (SIS) program had been compromised. Since then, more and more schools in the U.S. and Canada have been notifying parents and students that student information stored in the system — including a lot of historical data on former students — was involved in the breach. […]
New York State Department of Financial Services Secures $2 Million Cybersecurity Settlement with PayPal, Inc.
PayPal’s Cybersecurity Failures Led to the Exposure of Customers’ Social Security Numbers January 23, 2025 New York State Department of Financial Services Superintendent Adrienne A. Harris today announced that PayPal, Inc. (PayPal) will pay a $2 million penalty to New York State for violations of DFS’s Cybersecurity Regulation. An investigation determined PayPal failed to use qualified […]
NYS Attorney General James Announces Court Win Allowing Lawsuit Against Citibank to Continue
Citi cannot dodge lawsuit over failure to protect customer accounts from fraud A press release issued by AG James on January 21: NEW YORK – New York Attorney General Letitia James today announced a significant victory in her case against Citibank (Citi) after a judge denied Citi’s motion to dismiss the Office of the Attorney […]
When the “Help Desk Manager” isn’t really your helper
That invitation to a Teams call on which IT promises to mop up a spamstorm may not be what it seems Seen on The Register: Two ransomware campaigns are abusing Microsoft Teams to infect organizations and steal data, and the crooks may have ties to Black Basta and FIN7, according to Sophos. The antivirus maker’s […]
Government IT contractor Conduent says ‘third-party compromise’ caused outages
What third party, you wonder? They don’t say. Recorded Future reports: A recent outage affecting the government technology contractor Conduent was due to a cyberattack that compromised the company’s operating systems. A Conduent spokesperson told Recorded Future News the company recently “experienced an operational disruption due to a third-party compromise” of one of their operating […]
Big guns going after big guns: Firm Behind Big Tobacco Settlement Now Suing Deloitte Over RI Data Breach
Deloitte has already been sued over the breach involving Rhode Island benefits recipient data. But now there’s a bigger suit. GOLOCAL/Prov Rhode Island reports: The law firm that negotiated the $246 billion settlement with big tobacco is now suing Deloitte over the recent massive data breach in Rhode Island. In a 65-page complaint filed this week in […]
Personal information of Toronto District School Board students going back 4 decades may have been breached in PowerSchool incident
The PowerSchool breach that is giving school districts throughout the U.S. major headaches also affected school districts in Canada. The Toronto Star reports: Toronto’s public school board says personal information of its students dating back to 1985 may have been breached during a recent cybersecurity incident that affected many districts across North America. … The […]