LATEST POST
Data Breach Prompts Coast Guard to Take Personnel and Pay System Offline
Military.com reports: The Coast Guard‘s personnel and pay system was taken offline Friday and will remain down until at least Feb. 19 while officials investigate a data breach that affected more than 1,100 members. Coast Guard officials said Friday that the service’s Direct Access system, which manages pay and personnel matters, including orders, was hacked Friday, exposing sensitive […]
Brightline to pay $7M to resolve Fortra hack lawsuit
2023 was a bad year for commercial file transfer software apps because the Clop ransomware gang kept managing to find zero-day vulnerabilities to exploit. One of their campaigns involved Fortra’s GoAnywhere software. Even though Fortra issued a patch for CVE-2023-0669 within a week of discovery, there were many victims, including Brightline. Now TechTarget reports that […]
New Lazarus Group campaign sees North Korean hackers spreading undetectable malware through GitHub and open source packages
The North Korean state-sponsored threat actor known as Lazaraus Group is now running a campaign targeting software and Web3 developers with “undetectable” malware. MSN reports: Cybersecurity researchers at STRIKE from SecurityScorecard said they observed malware being embedded into GitHub repositories and NPM packages, where unsuspecting developers pick them up and integrate into their own projects. The […]
China-linked APT Salt Typhoon has breached more U.S. telecommunications providers via unpatched Cisco IOS XE network devices.
Security Affairs reports: China-linked APT group Salt Typhoon is still targeting telecommunications providers worldwide, and according to a new report published by Recorded Future’s Insikt Group, the threat actors has breached more U.S. telecommunications providers by exploiting unpatched Cisco IOS XE network devices. Insikt Group researchers reported that the Chinese hacked have exploited two Cisco flaws, tracked […]
Ninth Circuit upholds $725M Facebook settlement in Cambridge Analytica case, rejects objectors’ appeal
Courthouse News Service has an update on the Cambridge Analytica settlement. The Ninth Circuit Court of Appeals ruled Thursday afternoon that a federal court did not abuse its discretion in 2023 when it approved a $725 million settlement between Facebook, Inc. — now known as Meta — and a settlement class concerning the Cambridge Analytica scandal, an event in which […]
Elon Musk’s DOGE Posts Classified Data On Its New Website
Some might say it was only a matter of time. HuffPost reports: Elon Musk’s team at the so-called Department of Government Efficiency has posted classified information about the size and staff of a U.S. intelligence agency on its new website, raising bigger concerns about where Musk’s programmers got this information and what they are doing […]
Virginia AG’s office says it was struck by ‘sophisticated cyberattack’
The Washington Post reports: A “sophisticated cyberattack” struck the offices of Virginia Attorney General Jason S. Miyares on Wednesday, forcing the agency to shut down computer systems and resort to paper court filings as Virginia State Police and the FBI investigate. “Unfortunately our agency has been the victim of what appears to be a sophisticated […]
Should India adopt a threshold-based data breach reporting?
MediaNama reports: India needs a threshold-based system for data breach reporting, speakers argued at MediaNama’s discussion on the draft Digital Personal Data Protection Rules (DPDP Rules, 2025) on February 7. This came as a comment during the session on the draft rules around data breaches. MediaNama conducted this discussion under the Chatham House Rule. (Chatham […]