As if there weren’t enough concerns with misconfigured Amazon AWS s3 buckets exposing data, now we read this: Security researchers at Rhino Security Labs have uncovered a concerning vulnerability in Amazon Web Services (AWS) S3 storage systems that could allow attackers to execute ransomware attacks against cloud-stored data. The research demonstrates how attackers can encrypt S3 bucket […]
Joseph Lazzarotti of the Jackson Lewis law firm has some helpful advice for schools affected by the PowerSchool breach. Here are a few snippets: State breach notification laws generally place the obligation to notify affected persons and others on the owner of the personal information compromised in the breach, not the service provider that had […]
The Associated Press reports: Japan on Wednesday linked more than 200 cyberattacks over the past five years targeting the country’s national security and high technology data to a Chinese hacking group, MirrorFace, detailing their tactics and calling on government agencies and businesses to reinforce preventive measures. The National Police Agency said its analysis on the […]
Last month, the Federal Trade Commission announced that it was taking action against Gravy Analytics Inc. and its subsidiary Venntel Inc. for unlawfully tracking and selling sensitive location data from users, including selling data about consumers’ visits to health-related locations and places of worship. Under a proposed order, Gravy Analytics and Venntel will be prohibited from […]
Bleeping Computer reports: Ukrainian hacktivists, part of the Ukrainian Cyber Alliance group, announced on Tuesday they had breached Russian internet service provider Nodex’s network and wiped hacked systems after stealing sensitive documents. “The Russian internet provider Nodex in St. Petersburg was completely looted and wiped. Data exfiltrated, while the empty equipment without backups was left […]
Another big monetary penalty for Meta. Well, it would be big for most of us, but…. TechCrunch reports: Meta has been fined €251 million (around $263 million) in the European Union for a Facebook security breach that affected millions of users, which the company disclosed back in September 2018. The penalty, issued on Tuesday by Ireland’s […]
In September 2024, T-Mobile settled Federal Communications Commission charges stemming from four data breaches. Details of the four breaches, including a 2021 incident, were included in the consent decree. To settle the FCC’s investigations, T-Mobile agreed to pay a civil penalty of $15,750,000 andcommitted to spending an additional $15,750,000 over the next two years to […]
China’s spokespeople keep denying claims by U.S. officials, but U.S. officials have not retracted or backed off at all on their claims about Chinese espionage and cyberattacks. The Wall Street Journal reports: The message from President Biden’s national security adviser was startling. Chinese hackers had gained the ability to shut down dozens of U.S. ports, […]
Siri may have sounded benevolent, but was she really recording you without your knowledge or consent and then sharing what she learned? Agence France-Press reports: Apple has agreed to pay US$95 million to settle a lawsuit accusing its digital assistant Siri of listening in on users’ private conversations. The proposed settlement filed in an Oakland, California, […]
The Associated Press reports that the U.S. Treasury Department has described remote access by Chinese state-sponsored hackers to workstations and unclassified documents as a “major cybersecurity incident.” The Treasury Department said it learned of the latest problem on Dec. 8, when a third-party software service provider, BeyondTrust, flagged that hackers had stolen a key “used […]
