Attacks, Threats, and Vulnerabilities
Extremists Celebrate Taliban Takeover of Afghanistan on Social Media (Wall Street Journal) Islamist extremist social media lit up with celebratory messages as the Taliban cemented its control over Afghanistan, raising concerns that a weakened al Qaeda and other terrorist groups could stage a comeback.
The Cybersecurity 202: Sensitive government data could be another casualty of Afghan pullout (Washington Post) Among the many long-term costs of the rapid fall of the Afghan government and the swift withdrawal of U.S. diplomatic and military personnel, count this one: Troves of sensitive U.S. government data are surely being left behind in the nation now under Taliban control.
Russian intelligence services are colluding with ransomware gangs, report (Computing) Researchers at Analyst1have found a custom espionage malware that enables hackers to harvest keystrokes and confidential documents for espionage purposes
Secret terrorist watchlist with 2 million records exposed online (BleepingComputer) A secret terrorist watchlist with 1.9 million records, including "no-fly" records was exposed on the internet. The list was left accessible on an Elasticsearch cluster that had no password on it.
FBI watchlist exposed by misconfigured Elasticsearch cluster (SearchSecurity) Researcher Bob Diachenko has discovered an Elasticsearch cluster with an FBI terrorism watchlist that was exposed to the open internet.
1.9 million records from the FBI's terrorist watchlist leaked online (The Record by Recorded Future) A copy of the FBI's terrorist watchlist was exposed online for three weeks between July 19 and August 9, 2021, a security researcher revealed today.
T-Mobile Confirms It Was Hacked (Vice) "We have determined that unauthorized access to some T-Mobile data occurred."
T-Mobile confirms hack after customer data ends up for sale on cybercrime forum (The Record by Recorded Future) US telecommunications giant T-Mobile has confirmed today that hackers breached some of its internal servers but said that it is still investigating if "any personal customer data" was stolen in the breach.
T-Mobile confirms breach but still investigating if personal data was stolen (CNET) More than 100 million people are reportedly affected.
T-Mobile Says Hackers Breached Company Database (Wall Street Journal) The U.S. wireless operator said it is determining whether customers’ personal information was accessed by hackers.
The T-Mobile Data Breach Is One You Can’t Ignore (Wired) Hackers claim to have obtained the data of 100 million people—including sensitive personal information.
About 6,000 Lose Personal Data to Colonial Pipeline Hackers (The Daily Signal) Hackers of the Colonial Pipeline stole personal data, including Social Security numbers and insurance information, from nearly 6,000 people.
Colonial Pipeline reports data breach after May ransomware attack (BleepingComputer) Colonial Pipeline, the largest fuel pipeline in the United States, is sending notification letters to individuals affected by the data breach resulting from the DarkSide ransomware attack that hit its network in May.
Colonial Pipeline says ransomware attack also led to personal information being stolen (CNN) The ransomware attack that forced Colonial Pipeline, one of the largest fuel pipelines in the United States, to go offline this spring also compromised the personal information of nearly 6,000 individuals, a company spokesperson told CNN Business.
New HolesWarm botnet targets Windows and Linux servers (The Record by Recorded Future) A new botnet named HolesWarm has been slowly growing in the shadows since June this year, exploiting more than 20 known vulnerabilities to break into Windows and Linux servers and then deploy cryptocurrency-mining malware.
Social Platforms Feel Policy Pressure on Teen Privacy Controls (Bloomberg Law) Tech companies including TikTok, Alphabet Inc., and Facebook Inc. are tightening privacy controls for teenagers as social media platforms feel policy pressure over protections for younger users.
Devices From Many Vendors Can Be Hacked Remotely Due to Flaws in Realtek SDK (SecurityWeek) Researchers estimate that as many as a million IoT devices could be exposed to remote hacker attacks due to serious vulnerabilities found in Realtek SDKs.
Ford bug exposed customer and employee records from internal systems (BleepingComputer) A bug on Ford's website allowed for accessing sensitive systems and obtaining proprietary data, such as customer databases, employee records, internal tickets, etc. The data exposure stemmed from a misconfigured instance of Pega customer engagement system running on Ford's servers.
CMS Germany Hit By Cyber Attack (Law.com International) The firm is one of several in recent years to be hit by malware attacks.
Rural sewage plants hit by ransomware attacks in Maine (AP NEWS) A pair of ransomware attacks on sewage treatment plants in rural Maine communities demonstrates that small towns need to be just as vigilant as larger communities in protecting against hackers, local officials said.
Wodify has Vulnerabilities That Exposes User's Personal and Financial Information, According to Researchers (Tech Times) Wodify refused to comment about the vulnerabilities, but did say it is working on patches to fix the issue.
Copyright scammers turn to phone numbers instead of web links (Naked Security) Forewarned is forearmed. Here’s our advice on dealing with “copyright infringement” scammers.
Sistersville General Hospital part of Health System cyber attack (WTRF) Memorial Health System experienced an information technology security incident in the early morning hours on Sunday. As a result, Memorial Health System suspended user access to information t…
Half of US Hospitals Shut Down Networks Due to Ransomware (Infosecurity Magazine) Skills gaps, inventory issues and funding shortfalls add to security headaches
Fake COVID-19 vaccination certificates - Know all about the ongoing scam (DNA India) Fake COVID-19 vaccination certificates - Know all about the ongoing scam - In order to save their jobs, people who haven't taken their COVID-19 vaccine doses are seeking fake vaccination certificates as false proof.
Vulnerability Summary for the Week of August 9, 2021 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
Facebook Adds End-to-End Encryption to Calls in Messenger (SecurityWeek) Facebook has updated the end-to-end encryption features in Messenger to provide users with more secure voice and video calling capabilities.
Trends
FinServ IAM Trends and Strategies (Keyfactor) Pulse and Keyfactor surveyed 100 IT and security leaders in the financial sector to discover trends in identity and access management (IAM), and where machine identities fit into their overall IAM strategy.
New PhishLabs Research Finds Sharp Jump in Attacks on Crypto As Overall Phishing Volume Increases 22% (BusinessWire) PhishLabs, digital risk protection solutions provider, released Q2 phishing report; finds phishing attacks increase 22%, sharp jump in Crypto attacks
Quarterly Threat Trends and Intelligence - August 2021 (Phishlabs) Download this report to gain insight into the latest phishing trends and key tactics threat actors use to target enterprises and their brands.
New Ponemon Institute Study Reveals Average Phishing Costs Soar to $14.8M Annually, Nearly Quadrupling Since 2015 (Proofpoint) Business email compromise (BEC) and ransomware attacks prove most costly phishing threats to large businesses
2021 Mid Year Threat Report (Zix) Get the latest cybersecurity data for 2021 to stay on top of global threats and prevent your important information from getting compromised.
Understanding and Improving the Burden on Threat Hunters (SecurityWeek) Report provides extensive insight into the existing role of corporate threat hunting – showing where threat hunters feel they are failing, and providing pointers on how their value can be improved
How does North America’s cyber risk compare to other regions? (Canadian Underwriter) If your client thinks they are more at risk of a cyberattack in the future, they may not be imagining things. According to a recent survey from global cybersecurity company Trend Micro, 80% of global organizations report they are more…
Amid Space Race, Cybersecurity And Resiliency Remain Concerns: Experts (Breaking Defense) The space rush will result in tens of thousands of new assets launched within the decade, which will create a "truly enormous" cyber attack surface, said Sam Visner, a technical fellow at the MITRE Corporation.
If I could go back in time, here’s what I’d say (Federal News Network) This content is written by Jim Richberg, the public sector CISO for Fortinet Federal. I spent a lot of years working for the Federal government. Long enough that I can tell stories about technology…
Marketplace
Baffle Raises $20M in Series B to Protect Cloud Data with Celesta Capital as Lead Investor (BusinessWire) Baffle raises $20M in Series B funding to protect cloud data with Celesta Capital as the lead investor.
Cybersecurity startup Trickest scores €1.4M seed round (PitchBook) Serbia-based Trickest has raised €1.4 million in a round led by Credo Ventures, with participation from Earlybird Ventures and founders of UiPath. Trickest's cloud-based platform provides automated...
Dasera gains awards and funding as it offers a cloud-focused, end-to-end approach for data security (SiliconANGLE) Dasera gains awards and funding as it offers a cloud-focused, end-to-end approach for data security - SiliconANGLE
RSA Security Gains Another Private Equity Investor: Clearlake Joins STG (MSSP Alert) Private equity firm Clearlake Capital Group invests in RSA Security. Clearlake joins Symphony Technology Group (STG) as equal RSA Security partner.
Netsurit Acquires Real Time Consultants, Inc. (PR Newswire) Netsurit, a managed service provider (MSP) industry leader, today announced its full acquisition of Real Time Consultants, Inc., a leading MSP...
Rubrik Announces Strategic Agreement with Microsoft to Mitigate Ransomware Threats and Tightly Integrate Cloud Services (Rubrik) Rubrik to accelerate joint solutions and deliver cyber resiliency for customers with Microsoft equity investment.
ZeroNorth Achieves Key Corporate Milestones in H1 2021 (ZeroNorth) Patent Filings Related to Vulnerability Management and AppSec Risk Support the Goal of Enabling Customers’ Progress Toward True DevSecOps Boston, August 17, 2021 –– ZeroNorth, the ...
Xator Subsidiary to Develop Biometric ID Vetting Platform for State Department (ExecutiveBiz) A Xator subsidiary has received a $46.8 million contract to build a multimodal biometric system to support vetting procedures at State Department facilities worldwide.InCadence Strategic Solutions will help the department's Office of the Chief Technology Officer implement the Ares biometric technology and the Diplomatic Security Identity Assurance System under the 10-year contract, Xator said Tuesday.The
After spyware scandal, Israeli NSO touts 'proud family of workers saving lives' (Haaretz) After global investigation put the Israeli cyberarms firm on the defensive, new campaign – using the hashtag #IamNSO – highlights NSO's ‘family’ of workers.
Test Cybersecurity Skills in Global Capture the Flag Competition (PR Newswire) Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, today announced the 7th annual global Capture the Flag...
Axis Security Ahead of the Curve for Achieving Data Compliance Certifications (Axis security) Organization Reaffirms Commitment to Security and Privacy for Zero Trust Network Access Solution with SOC 2 Type II and ISO 27001 Certifications SAN MATEO, CA – Axis Security, the leader in Zero Trust Network Access (ZTNA), announced today it has achieved SOC 2 Type II Compliance and ISO 27001 certifications for its organization and ZTNA...
ESET Celebrates the fifth anniversary of No More Ransom Read more at: https://www.cxotoday.com/press-release/eset-celebrates-the-fifth-anniversary-of-no-more-ransom/ (CXO Today) ESET, a global leader in cybersecurity, celebrates the fifth anniversary of No More Ransom – a joint initiative started in 2016 by law enforcement and IT security companies to help victims of ransomware restore their files.
Arlo Solutions Named #153 on Inc. 5000 List of Fastest Growing Companies (Arlo Solutions) Arlo Solutions, a Washington, DC-based, woman-owned technology firm, was listed #153 on the 2021 Inc. 5000 annual ranking of the nation’s fastest-growing private companies. This number reflects Arlo’s tremendous growth rate of 2,758% over a three-year span.
Global VPN downloads set to hit 1 billion in 2021 (Finbold) Finbold projects that the number of VPN downloads globally will hit 1.05B in 2021. The projection represents a growth of 70.45% from H1 2021.
Exabeam Appoints Cybersecurity Industry Leader Pedro Abreu as Chief Operating Officer (BusinessWire) Exabeam today announced the appointment of former Forescout and McAfee executive Pedro Abreu to chief operating officer.
Forcepoint appoints Rees Johnson as new CPO (Security Brief) A 20 year veteran in the network security field, Johnson will bring experience in product management, cloud security and SaaS migration strategy, the company says.
Exabeam names first APAC channel chief (CRN Australia) As it increases head count and investment in the region.
ForgeRock Announces Tschudy Smith as New Chief People Officer (BusinessWire) ForgeRock announces Tschudy Smith as new Chief People Officer.
Beazley hires Patricia Kocsondy as Head of US Cyber & Tech (ReinsuranceNe.ws) Specialist insurer Beazley has appointed Patricia Kocsondy as Head of US Cyber & Tech. Kocsondy joins from Chubb, where she served as senior vice
Products, Services, and Solutions
Speedcast and HudsonCyber partner to help companies regain cyber control (Global Mining Review) Companies can protect themselves from cyber-attacks and become compliant with new international cybersecurity regulations by using a new solution, recently launched by Speedcast and HudsonCyber.
FireEye Advances XDR Platform to Arm Security Operations Teams (FireEye) FireEye, Inc. (NASDAQ: FEYE), the intelligence-led security company, today introduced FireEye XDR, a unified platform designed to help security operations teams strengthen threat detection, accelerate response capabilities, and simplify investigations.
Introducing FireEye Extended Detection and Response (XDR): A Flexible
XDR Solution Born From the Front Lines of Threat Detection and Response (FireEye) Built for response, FireEye XDR brings FireEye technologies and expertise together for a seamless analyst experience.
ExtraHop Extends Response and Forensics Capabilities with Deep Threat Insights for Hybrid Cloud (BusinessWire) ExtraHop Extends Response and Forensics Capabilities with Deep Threat Insights for Hybrid Cloud
VigiTrust Launches VigiOne Cybersecurity Compliance Platform for Managed Security Service Providers (GlobeNewswire News Room) Easy-To-Use, Cost-Effective Solution Enables MSSPs to Keep Pace with Changing Regulations, Scale Effectively and Ensure Ongoing Compliance...
Dashlane re-embraces the Mac, releases native Catalyst app (Cult of Mac) Dashlane released a new macOS version of its password manager on Monday. This is a surprise because its developer announced last year that the Mac app was
Microsoft touts top secret cloud ATO (FCW) Azure Government Top Secret is now 'generally available' for national security workloads, Microsoft announced in a blog post.
Skyflow Launches Second-Generation Data Privacy Vault for Sensitive Customer Information, with Advanced Governance Engine (BusinessWire) New Skyflow PII Vault helps app developers build in data privacy, security, and compliance at the ground level
Global Leader in Secure Enterprise Communication Launches NetSfere Lifeline™ to Enable Delivery of Critical, Real-Time Emergency Alerts on Mobile and Desktop (GlobeNewswire News Room) NetSfere now offers an emergency alert system built within its secure messaging platform to help enterprises disseminate vital information quickly and...
Mimecast Announces Integration with Humio, Delivering Streaming Log Management to their Ecosystem (GlobeNewswire News Room) API integration with Humio, a CrowdStrike company, helps enterprise organizations detect and respond to cyberattacks...
Quest Disaster Recovery Innovation Protects Active Directory Backups from Malware Infection, Minimizing Ransomware Destruction (GlobeNewswire News Room) RMAD DRE 10.2 offers a new Secure Storage solution to protect Active Directory backups from malware and minimize the impact of ransomware attacksThis...
Netskope Expands the World's Most Complete SASE and Zero Trust Platform (PR Newswire) Netskope, the SASE leader, today announced several key enhancements to its award-winning Netskope Security Cloud, furthering its leadership in...
Cobalt Iron Joins Sheltered Harbor Alliance Partner Program as a Solution Provider
(Wallst.com) Cobalt Iron Compass for Sheltered Harbor Will Protect Consumer Account Data With SaaS Delivery
PDI Brings Leading-Edge Cybersecurity to Convenience and Fuel Retailers with Enhancements to Its XDR Services (Professional Datasolutions, Inc.,) PDI recently enhanced its XDR services offering with XDR Complete, a fully managed cybersecurity solution that protects businesses against advanced threats.
Technologies, Techniques, and Standards
5G, National Security, and Secure Connected Health (BoozAllen) Discover 5G’s impact on connected healthcare, national security, and more in Billington Cybersecurity 2021 Summit videos.
How Will New Data Privacy Laws Affect Convenience Stores? (CStore Decisions) In response to advances in technology and the expansion of privacy abuses and data breaches, there has been a proliferation of state legislation on consumer data privacy to grant consumers rights with respect to information about them. Convenience store retailers need to monitor state and federal laws to understand how these measures will affect their…
Move Beyond Passwords (GlobalDots) IAM as the Security Stack's Gatekeeper
Design and Innovation
US Army seeks blockchain technology to manage combat data (Janes) US Army engineers at the service's Command, Control, Communications, Computer, Cyber, Intelligence, Surveillance and Reconnaissance (C5ISR) Center are leveraging...
US Army Leverages Blockchain Technology for Tactical-Level Data Management (BeInCrypto) At the Command, Control, Communications, Computer, Cyber, Intelligence, Surveillance and Reconnaissance (C5ISR) Center, US Army engineers are leveraging blockchain technology for tactical-level data management.
Sierra Nevada and General Dynamics to design updated cryptographic key loaders with network connectivity (Military & Aerospace Electronics) NGLD-Medium provides the same functionality as legacy fill devices while adding network connectivity to support over-the-network-key distribution.
Research and Development
AFRL posts S&T protection RFI | Intelligence Community News (Intelligence Community News) On August 16, the Air Force Research Laboratory (AFRL) posted a request for information (RFI) for Science and Technology Protection. Responses are due by 5:00 p.m. Eastern on September 20.
Independent research firm sued by Apple now wants to help vet the phone maker’s child sexual abuse scanning system (Washington Post) One of Apple’s legal foes has offered to help independent researchers analyze the tech giant’s controversial new scanning software for detecting child sexual abuse material on iPhones.
Academia
Schools could be ripe for cyberattacks amid ransomware open season (TechRepublic) In recent months, a string of high-profile cyberattacks have targeted critical U.S. infrastructure. As students return to the classroom, could criminals look to focus their efforts on schools?
Legislation, Policy, and Regulation
Europe urges unity on Taliban but is quiet on failed mission (ABC News) European leaders say they will press for a unified international approach to dealing with a Taliban government in Afghanistan, as they looked on with dismay at the rapid collapse of two decades of a U.S.-led Western campaign in the country
The US is evacuating staff from Kabul—Russia and China are not (Quartz) China and Russia are preparing to deal directly with the Taliban on its home turf, while their global rivals walk away.
Why the Taliban Won (Foreign Affairs) What Washington can do about it now
Defiant and defensive, a president known for empathy takes a cold-eyed approach to Afghanistan debacle (Washington Post) With Taliban fighters poised to rout the U.S.-backed Afghan government — and with it the 20-year, multibillion-dollar effort to root Western-style democracy in Afghan soil — President Biden over the weekend first offered compassion for those left behind.
Biden Holds Afghanistan Line: 'I'm Clear On My Answer' (Breaking Defense) A Chicago Council survey conducted in July found that 70 percent of Americans backed exiting Afghanistan, a belief that crosses the deep partisan divide between Democrats and Republicans.
Biden: ‘No amount of military force would ever deliver a stable and secure Afghanistan’ (Military Times) The U.S. president blamed the collapse on Afghanistan on a lack of will from politicians and security forces there.
Afghanistan’s neighbors watch warily as Taliban completes its dramatic takeover (Washington Post) The Taliban’s stunning takeover of Kabul on Sunday sent shock waves around the world — with immediate implications for the complicated knot of three regional powers in Afghanistan’s neighborhood: Pakistan, India and China.
Israel Braces For Renewed Terrorism Coming From Taliban-Led Afghanistan (Breaking Defense) "The way the US runs away and leaves a country to the atrocities of terror groups is a bad sign that will have major effects on some countries,” said an Israeli defense source.
Afghan security forces’ wholesale collapse was years in the making (Washington Post) In the summer of 2011, Army Lt. Gen. William Caldwell IV made a round of public appearances to boast that he had finally solved a problem that had kept U.S. troops bogged down in Afghanistan for a decade. Under his watch, he asserted, U.S. military advisers and trainers had transformed the ragtag Afghan army and police into a professional fighting force that could defend the country and keep the Taliban at bay.
Senate Intel chair vows 'tough but necessary questions' on Afghanistan collapse (TheHill) Senate Intelligence Committee Chairman Mark Warner (D-Va.) said Monday that he will work with other congressional committees to probe the rapid unraveling of Afghanistan, including why the United States was caught off guard by the Talib
'We could have done more' - frustration grows in Washington over Biden's Kabul evacuation (Reuters) Frustration and anger at U.S. President Joe Biden’s handling of evacuations from Afghanistan are mounting among administration officials, lawmakers of both parties and advocacy groups.
Opinion: Trump wanted out of Afghanistan. Biden’s choice to follow through is a catastrophe. (Washington Post) Can it be that Donald Trump really didn’t leave the presidency? And if he did, why are we left with his foreign policy?
Opinion: Now’s the moment for Biden to pivot his foreign policy and stand up to adversaries (Washington Post) As helicopters frantically evacuate Americans from the U.S. Embassy in Afghanistan — an ominous echo from the fall of Saigon — the world is asking is what comes next for U.S. foreign policy. The loss in Vietnam was followed by years of U.S. retreats and defeats, culminating in the Iran hostage crisis. President Biden and Democrats in Congress must not allow that to happen again.
Opinion: The debacle in Afghanistan is the worst kind: Avoidable (Washington Post) President Biden’s blunders in what is — suddenly — a Taliban-dominated Afghanistan may be measured in many ways. One is by searching the sorriest episodes of U.S. foreign policy history for an analogy. Former defense secretary and former CIA director Leon E. Panetta drew a comparison with the Bay of Pigs, the 1961 U.S. attempt to overthrow Cuba’s Fidel Castro, which ended with hundreds of CIA-backed invaders killed or captured after President John F. Kennedy denied them air cover.
America’s Failures in Afghanistan Were Bipartisan and Long-Running (Wall Street Journal) Four presidents have learned what history should have taught about Afghanistan, which is that the local fighter always knows he will outlast the foreign occupier.
After Afghanistan falls, the blame game begins (Washington Post) As quickly as Kabul fell, the finger-pointing commenced.
How Biden Was Right About Afghanistan—and Disastrously Wrong (Foreign Policy) The president is taking flak from all sides, but the timing of the Taliban takeover could minimize the political damage.
‘I’m Furious. I Feel Helpless.’ (Foreign Policy) American diplomats reckon with Afghanistan’s collapse.
Pakistan and the United States Have Betrayed the Afghan People (Foreign Policy) Washington ignored Islamabad funding and supplying the Taliban. Now Afghans are paying the price.
Afghanistan Is Your Fault (The Atlantic) The American public now has what it wanted.
DHS Issues New National Terrorism Advisory System (NTAS) Bulletin (American Security Today) DHS has issued a new National Terrorism Advisory System (NTAS) Bulletin regarding the heightened threat environment across the United States which is challenging and diverse, especially leading up to the 20th Anniversary of the September 11, 2001 terror attacks and the days that follow, as well as religious holidays that could serve as catalyst for targeted violence.
Homeland Security Considers Outside Firms to Analyze Social Media After Jan. 6 Failure (Wall Street Journal) Plans to boost online monitoring have spurred debate within government about balancing civil liberties with security efforts that could help prevent intelligence failures like those preceding the Jan. 6 Capitol attack.
Cyber leader calls for nonpartisan path to securing the vote (AP NEWS) Those entrusted with securing the nation’s voting systems must remain nonpartisan as a myriad of complex and growing risks continue to threaten U.S. elections, one of the nation’s top cybersecurity officials said Saturday.
Cyberspace needs regulation to put an end to online bullying: China Daily (The Straits Times) The paper says the regulatory authorities should adopt a zero-tolerance attitude toward cyber bullying.. Read more at straitstimes.com.
Progress Report: 100 Days of the Biden Administration’s Industrial Control Systems (ICS) Cybersecurity Initiative and Electricity Subsector Action Plan (Energy.gov) In April 2021, the Biden Administration launched an Industrial Control Systems Cybersecurity Initiative to strengthen the cybersecurity of the critical infrastructure across the United States.
U.S. Lawmakers Take a Direct Shot at Apple and Google App Stores (Bloomberg) The U.S. Congress wants to change the way your smartphone works. And the effort may actually succeed.
John Costello Joins National Cyber Director Office as Chief of Staff (Executive Gov) John Costello, former deputy executive director of the congressionally chartered Cyberspace Solarium
Litigation, Investigation, and Law Enforcement
State Department tries 'pushing the envelope' with Dark Web informants, cryptocurrency rewards in the millions (CNN) As hackers and cybersecurity experts descended on Las Vegas last week for the famous cyber conference Black Hat, they may have noticed an open Wi-Fi network called "#Rewardsnotransoms." It's not the kind of place where a network is usually left unprotected but, in this case, that was the point.
Education giant Pearson fined $1M for downplaying data breach (BleepingComputer) The US Securities and Exchange Commission (SEC) announced today that Pearson, a British multinational educational publishing and services company, has settled charges of mishandling the disclosure process for a 2018 data breach discovered in March 2019.
Experts: False Claims on Voting Machines Obscure Real Flaws (SecurityWeek) The aftermath of the 2020 election put an intense spotlight on voting machines as supporters of former President Donald Trump claimed victory was stolen from him. While the theories were unproven — and many outlandish and blatantly false — election security experts say there are real concerns that need to be addressed.
No Standing in Data Breach Case Involving “Essentially Useless” Stolen Data (JD Supra) The Central District of California recently dismissed a data breach class action for lack of standing, notwithstanding evidence that the stolen data...