LATEST POST
No, Your Steam Account Didn’t Just Get Hacked
How-to Geek reports, “There have been rumors about a large-scale data breach impacting nearly 90 million Steam accounts. However, the original source was debunked, so you probably don’t have anything to worry about.” But if you want to err on the side of caution, it wouldn’t hurt to change your password for Steam and anywhere […]
New York Tightens the Breach Clock: 30 Days to Notify
As seen at Corporate Compliance Insights: Organizations handling New Yorkers’ data now face one of the country’s shortest breach notification deadlines. Morrison Foerster attorneys Melissa Crespo and Reiley Porter break down the state’s recent amendments that impose a 30-day notification requirement and expand protected information categories to include medical and health insurance data. Recent amendments […]
Moldova arrests suspect linked to DoppelPaymer ransomware attacks
Bleeping Computer reports that an unnamed 45-year-old suspect linked to DoppelPaymer ransomware attacks targeting Dutch organizations in 2021 has been arrested by Moldovan police. Police officers searched the suspect’s home and car on May 6, seizing an electronic wallet, €84,800, two laptops, a mobile phone, a tablet, six bank cards, and multiple data storage devices. […]
Department of Justice says data breach exposed information on diocesan sex abuse survivors
CNA reports that the U.S. Department of Justice (DOJ) states that recent data breach of a California consulting firm exposed data of Catholic clergy abuse survivors in nearly a dozen bankruptcy lawsuits. In a May 6 letter, which is embedded below and originally appeared on Catholic News Agency, the DOJ informs a law firm about […]
Google warns against Russia-based hacking group using new malware to steal data
The Times of India reports: Google’s Threat Intelligence Group (GTIG) has issued a warning about a Russia-based hacking group, known as COLDRIVER. The Alphabet-owned company claims that this hacking group is using a newly identified malware called LOSTKEYS to steal data. The tech giant claims that this malware, which was tracked in multiple attacks this […]
Conflict between India and Pakistan escalates on the ground and in cyberspace
The conflict between Pakistan and India escalated sharply over the past week. Pakistan has now launched strikes against Indian military bases, claiming retaliation for strikes by India. Strikes in cyberspace also continue. Radio Pakistan reports: According to details, the official website of the BJP has been hacked. Amongst the hacked websites are the Crime Research Investigation Agency, Mahanagar […]
DOGE software engineer’s computer infected by info-stealing malware
Ars Technica reports on another concerning security issue involving DOGE: Login credentials belonging to an employee at both the Cybersecurity and Infrastructure Security Agency and the Department of Government Efficiency have appeared in multiple public leaks from info-stealer malware, a strong indication that devices belonging to him have been hacked in recent years. Kyle Schutt […]
Defending Against UNC3944/Scattered Spider: Cybercrime Hardening Guidance from the Frontlines – Mandiant
Background UNC3944, which overlaps with public reporting on Scattered Spider, is a financially-motivated threat actor characterized by its persistent use of social engineering and brazen communications with victims. In early operations, UNC3944 largely targeted telecommunications-related organizations to support SIM swap operations. However, after shifting to ransomware and data theft extortion in early 2023, they impacted […]