The Herald Sun reports: Medibank has thanked the Albanese government for pursuing the Russian hacker behind Australia’s worst cyber attack, although a leading IT security expert warns it is unlikely to deter further data breaches. The government named Russian man Aleksandr Ermakov as the perpetrator of the October 2022 Medibank data breach, imposing new sanctions on the […]
Jeremy Fowler reports: Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to vpnMentor about a non-password protected database that contained nearly 1.3 million records, which included COVID-19 testing information and personally identifiable information such as the patient’s name, date of birth, and passport number. The publicly exposed database contained an estimated 1.3 million records that included 118,441 certificates, […]
Ars Technica reports: Read more at Ars Technica.
Tip Ranks reports: V.F. Corp., the name behind brands such as The North Face, Timberland, Dickies, and Vans, announced that a cyber incident in December resulted in the data breach of nearly 35.5 million customers. Last month, the cyber incident hampered VFC’s order fulfillment on its eCommerce portal. At the time, the company expected the […]
In its The State of Ransomware in the U.S. report for 2023, Emsisoft opined that the only solution to the ransomware crisis is to completely ban ransomware payments. That recommendation has generated some discussion, and now Becker’s has also reached out to health system CISOs to get their reaction to the recommendation. The majority’s opinion […]
Today’s General Counsel reports: Genetic testing company 23andMe, which is facing more than 30 lawsuits from the victims of a massive data breach, is claiming that the victims themselves are to blame for the loss of their own data, TechCrunch reports. In a letter to hundreds of 23andMe users suing the company, 23andMe said the victims “negligently […]
Bleeping Computer reports: Today, CISA ordered U.S. federal agencies to secure their systems against three recently patched Citrix NetScaler and Google Chrome zero-days actively exploited in attacks, pushing for a Citrix RCE bug to be patched within a week. The cybersecurity agency added the flaws to its Known Exploited Vulnerabilities Catalog today, saying that such vulnerabilities are “frequent attack […]
From the Harvard Business Review: In December of 2020, SolarWinds learned that they had fallen victim to hackers. Unknown actors had inserted malware called SUNBURST into a software update, potentially granting hackers access to thousands of its customers’ data, including government agencies across the globe and the US military. General Counsel Jason Bliss needed to […]
Daryna Antoniuk reports: One of Taiwan’s biggest semiconductor manufacturers has fallen victim to a cyberattack, supposedly carried out by the notorious LockBit ransomware gang. The hackers posted a threatening message on Foxsemicon’s website, stating that they had stolen its customers’ personal data and would publish it on their darknet website if the company refused to […]
Four-in-ten employees sacked over email security breaches as firms tackle “truly staggering” increase in attacks
ITPro reports: Nearly half of workers responsible for email security breaches over the last year have been sacked, according to new search, as cyber leaders begin taking a tougher stance amid a surge in attacks. Research from cyber security firm Egress found that 94% of organizations globally have experienced a serious email security incident in […]