If you don’t audit your vendors, will you know if they are really adhering to the security provisions of your contract with them? Maybe you’ll get lucky, and disgruntled employees will blow the whistle. The Register reports: The US is suing one of its leading research universities over a litany of alleged failures to meet […]
From the Cleveland FBI: On August 12, FBI Cleveland announced the disruption of “Radar/Dispossessor”—the criminal ransomware group led by the online moniker “Brain”—and the dismantling of three U.S. servers, three United Kingdom servers, 18 German servers, eight U.S.-based criminal domains, and one German-based criminal domain. Since its inception in August 2023, Radar/Dispossessor has quickly developed […]
The BBC reports: The FBI has opened an investigation into allegations from the Trump campaign that it was targeted by hackers working for the Iranian government. “We can confirm the FBI is investigating the matter,” the agency said in a short statement on Monday without specifically naming the former president or Iran. A Trump campaign […]
Here we go again with foreign interference in our national election? Maybe. Politico reports: Former President Donald Trump’s campaign said Saturday that some of its internal communications had been hacked. The acknowledgment came after POLITICO began receiving emails from an anonymous account with documents from inside Trump’s operation. The campaign blamed “foreign sources hostile to […]
If verified, one of the largest breaches ever of personal information of Americans, Canadians, and UK persons went up for sale on a hacking forum on April 7. While researchers and analysts watched and started investigating the listing, the background checks firm allegedly responsible for the data remained silent, neither confirming nor refuting the claimed […]
The 2022 ransomware attack on Advanced, a National Health Service (NHS) vendor, was devastating to patient care. Now the U.K.’s Information Commissioner’s Office has indicated it plans to impose a substantial fine on the vendor. TechCrunch reports: U.K. data protection authorities have issued a provisional fine of more than £6 million to NHS vendor Advanced […]
Unknown threat actors have been putting Americans’ lives in danger this week. First there was a ransomware attack on OneBlood, a non-profit blood donation center that supplies blood to hospitals throughout southeastern US. Then there was a disruptive attack on the 911 dispatch system for central Texas. Those responsible for the two attacks have not […]
Some ransomware groups pledge not to encrypt any medical entity if doing so would risk life. Not all ransomware groups have taken that pledge, however, and even some that claim they will not encrypt, do. Scripps News reports a ransomware attack is affecting blood availability to hospitals throughout the southeast U.S.: A nonprofit blood donation […]
IBM’s new cost of a data breach report is out, and the numbers are not encouraging. By the numbers: $4.88 million — The global average cost of a data breach in 2024—a 10% increase over last year and the highest total ever. The highest average cost was $9.77 million for the healthcare sector. The industrial sector […]
Leaked Environment Variables Allow Large-Scale Extortion Operation of Cloud Environments – Researchers
Researchers at Palo Alto Network have reported a serious risk to organizations using cloud services that may result in an organization’s files being deleted and held for ransom. The risk is not due to any vulnerability with the cloud services themselves. The risk is due to the victim organizations misconfiguring their settings and inadvertently exposing […]