LATEST POST
NYDFS Issues Industry Guidance on Risks Arising from Artificial Intelligence
It seems like everything is “AI” these days, but there’s also an increasing awareness of the flaws or risks in using AI for some purposes, including AI making up things that just aren’t true (called “hallucinations”). But there are also cybersecurity risks. From Covington and Burling: On October 16, 2024, the New York Department of […]
HIPAA Gets a Potential Counterpart in HISAA
Legislation proposed in September would mandate minimum cybersecurity requirements in the healthcare sector. Kevin Wood, the Chair of Winstead’s Healthcare Industry Group, writes: …. Senators Ron Wyden (D-OR) and Mark Warner (R-VA) introduced the Health Infrastructure Security and Accountability Act (HISAA) on September 26, 2024. Like HIPAA and HITECH before it, which established minimum levels […]
Cyberwar: Credit cards readers across Israeli stores, gas stations crash in suspected DDoS attack
It is not the first time, but it appears Iran has again attempted to attack Israel via cyberattacks. The Jerusalem Post reports: Thousands of credit card readers across Israeli gas stations and supermarket chains malfunctioned on Sunday morning in what the company responsible for the readers’ cyber safety called a suspected DDoS attack. Hyp Credit Guard […]
They’re back? Scattered Spider, BlackCat claw their way back from criminal underground
When BlackCat pulled an exit scam in February after extorting Change Healthcare for $22 million, people started speculating how long it would be before they re-branded and re-emerged. We may have an answer now. The Register reports that both BlackCat (aka ALPHV) and Scattered Spider appear to be back: In October, security firm ReliaQuest responded […]
South Korea fined Meta $15.67M for illegally collecting and sharing Facebook users’ information
South Korea’s Personal Information Protection Commission has fined Meta 21.61 billion won for leaking the personal information about its users without their consent. That’s $15.5 million at today’s conversion rate. Joong Ang Daily reports: The Personal Information Protection Commission (PIPC) said Meta had collected such information about 980,000 users located in Korea via their Facebook […]
Canadian Suspect Arrested Over Snowflake Data Breach and Extortion Attacks
The Hacker News reports a significant arrest: Canadian law enforcement authorities have arrested an individual who is suspected to have conducted a series of hacks stemming from the breach of cloud data warehousing platform Snowflake earlier this year. The individual in question, Alexander “Connor” Moucka (aka Judische and Waifu), was apprehended on October 30, 2024, on the […]
Cybercrime: Arrests in Hesse and Rhineland-Palatinate
Bundeskriminalamt (BKA) announced the seizure of two websites and two arrests: In an internationally coordinated operation by the Central Office for Combating Internet Crime ( ZIT ) of the Public Prosecutor General’s Office in Frankfurt am Main, the Hessian State Criminal Police Office ( HLKA ) and the Federal Criminal Police Office ( BKA ) on suspicion of various cybercrime offenses, officers of the HLKA executed […]
Interbank confirms data breach following failed extortion, data leak
Bleeping Computer reports that Interbank has confirmed a data breach after a threat actor started leaking data online. Even though the bank has yet to disclose the exact number of customers whose data was stolen or exposed in the breach, as first spotted by Dark Web Informer, a threat actor who uses the “kzoldyck” handle is […]