Veterans Day 2024
Thank you to all those who have served our country. May today be a day where you feel appreciated for your sacrifices and for the rest of us to remember what you did and honor you.
Cyberwar: Credit cards readers across Israeli stores, gas stations crash in suspected DDoS attack
It is not the first time, but it appears Iran has again attempted to attack Israel via cyberattacks. The Jerusalem Post reports: Thousands of credit card readers across Israeli gas stations and supermarket chains malfunctioned on Sunday morning in what the company responsible for the readers’ cyber safety called a suspected DDoS attack. Hyp Credit Guard […]
Canadian Suspect Arrested Over Snowflake Data Breach and Extortion Attacks
The Hacker News reports a significant arrest: Canadian law enforcement authorities have arrested an individual who is suspected to have conducted a series of hacks stemming from the breach of cloud data warehousing platform Snowflake earlier this year. The individual in question, Alexander “Connor” Moucka (aka Judische and Waifu), was apprehended on October 30, 2024, on the […]
Right back atcha: CrowdStrike sues Delta Air Lines
Days after Delta Air Lines sued cybersecurity vendor CrowdStrike for $500 million in losses that it attributes to the vendor’s outage, CrowdStrike countersued its customer. CyberDaily reports CrowdStrike’s statement, previously reported by The Times of India, but adds CrowdStrike’s counterclaim that Delta delayed its own recovery by refusing assistance from it and its partner, Microsoft: […]
RedLine, META infostealer malware operations disrupted by “Operation Magnus”
An announcement by Dutch police in conjunction with their law enforcement partners had cyberdefenders smiling yesterday. Law enforcement had seized the source code and network infrastructure for RedLine and META infostealers. In what has been called “Operation Magnus,” law enforcement warned cybercriminals that they got their data, too. In a “final update” video, law enforcement […]
Delta sues CrowdStrike over “catastrophic” software update that prompted mass flight disruptions
The Times of India reports that Delta Air Line sued CrowdStrike over the firm’s faulty software update in July that resulted in widespread outages for CrowdStrike customers. Delta had to cancel 7,000 flights for 1.3 million customers and suffered $500 million in losses. CrowdStrike responded to the lawsuit, which was filed in Georgia state court […]
Four cyber companies fined for SolarWinds disclosure failures
The Record reports that the Securities and Exchange Commission has charged four cybersecurity firms for their disclosures stemming from the SolarWinds incident in 2020: The Securities and Exchange Commission (SEC) charged four companies —- Check Point, Avaya, Unisys and Mimecast — for making “materially misleading” disclosures related to cybersecurity risks and intrusions. Tuesday’s announcement is the result […]
Two Sudanese nationals indicted for operating the Anonymous Sudan group; DDoSers alleged to attempt to injure or kill
While entities should be concerned about the risk of hacks or attempts to exfiltrate or encrypt data, the risk of a DDoS attack should not be ignored. Distributed Denial of Service (DDoS) attacks can totally disrupt an entity’s website or ability to function. Huge botnets enable serious power slamming websites and preventing them from functioning. […]
Can cyberinsurers or reinsurers justifiably refuse to reimburse victims for ransom payments to those on the U.S. sanctioned list?
If your company is the victim of a ransomware attack and you decide you have no choice but to pay the threat actors, can your cyberinsurer or cyberinsurance reinsurer decline to reimburse you if the threat actors you paid are on Treasury’s sanctioned list? Would reimbursing them expose the cyberinsurer or reinsurer to problems with […]
Casio Confirms Data Breach as Ransomware Group Leaks Files
Security Week reports that Japanese electronics giant Casio has revealed that the recent cyberattack was carried out by a ransomware group and confirmed that the incident has resulted in a data breach: Casio said last week that it had detected unauthorized access to its network on October 5. The incident resulted in a system failure and some […]