Attacks, Threats, and Vulnerabilities
Russia responsible for cyber attacks on German parliament -German foreign ministry (Reuters) Russia is responsible for a renewed cyber attack on the German parliament, a spokesperson for the foreign ministry in Berlin told journalists on Monday.
Germany warns Russia over cyberattacks ahead of election (Deutsche Welle) Berlin has said it has "reliable information" that a series of attempts to get hold of lawmakers' personal details can be linked to the Russia-linked Ghostwriter hacker group.
Germany complains to Moscow over pre-election phishing attacks on politicians (Washington Post) The German government called on Moscow on Monday to cease "illegal cyber activities" immediately amid an increase in phishing attacks on politicians in the lead-up to pivotal parliamentary elections later this month.
Exclusive: Google locks Afghan government accounts as Taliban seek emails -source (Reuters) Google has temporarily locked down an unspecified number of Afghan government email accounts, according to a person familiar with the matter, as fears grow over the digital paper trail left by former officials and their international partners.
Amid a surge in ransomware attacks, cities are taking some of the biggest hits (Washington Post) Ransomware attacks have become a scourge for local governments, robbing millions of dollars in ransom payments to hackers and recovery costs from the government entities that can least afford to pay them.
North Korean Cyberattacks: A Dangerous and Evolving Threat (The Heritage Foundation) North Korean missiles and nuclear weapons have garnered fear, international condemnation, and tough sanctions. Pyongyang’s cyber activities, however, have elicited less reaction and punishment despite having been used repeatedly in attacks against governments, financial institutions, and industries.
Chinese hackers behind July 2021 SolarWinds zero-day attacks (The Record by Recorded Future) In mid-July this year, Texas-based software provider SolarWinds released an emergency security update to patch a zero-day in its Serv-U file transferring technology that was being exploited in the wild.
Autodesk Says Company Was Targeted by SolarWinds Attackers (BankInfoSecurity) Autodesk, a California-based design software and 3D technology firm, now says it was one of several tech and security companies targeted by a Russian-linked group
A module of the France-visas platform was the target of a cyber attack (Ministère de l'Intérieur) On 10 August 2021, a module of the France-visas platform was the target of a cyber attack that was quickly neutralized. Personal data recorded when a visa application was entered (email addresses and identity data) may nevertheless have been stolen.
French government visa website hit by cyber-attack that exposed applicants’ personal data (The Daily Swig) Nationalities, birth dates, and passport numbers among potentially exposed data
Indonesians' data 'just sitting there', hackers say (The Jakarta Post) Another day, another personal data leak scandal. Indonesia’s recent e-HAC data leak has drawn condemnation from activists and politicians alike. But for the country’s hackers, this furore is simply too little, too late.
Made up Netflix and thousands of popular apps injected with malware (Pradeo) Pradeo discovered thousands of modded and fake popular apps infected by malware (Netflix, Spotify...).
Hive is dangerous new ransomware threat, FBI says (KTVU FOX 2) First seen in June 2021, Hive poses "significant challenges" for organizations to combat, according to the FBI.
Malware found preinstalled in classic push-button phones sold in Russia (The Record by Recorded Future) A security researcher has discovered malicious code inside the firmware of four low-budget push-button mobile phones sold through Russian online stores.
This New Malware Family Using CLFS Log Files to Avoid Detection (The Hacker News) An emerging malware family uses CLFS log files to avoid detection
Poisoned proxy PACs! The NPM package with a network-wide security hole… (Naked Security) 3,000,000 downloads a week… if only they’d read the fastidious manual!
Translated Conti ransomware playbook gives insight into attacks (BleepingComputer) Almost a month after a disgruntled Conti affiliate leaked the gang's attack playbook, security researchers shared a translated variant that clarifies on any misinterpretation caused by automated translation.
Traffic Exchange Networks Distributing Malware Disguised as Cracked Software (The Hacker News) Attackers are using traffic exchange networks to distribute malware disguised as cracked software
More than 10% of Firebase databases are open and exposing data (The Record by Recorded Future) In a research project conducted in July 2021 and published this week on Wednesday, cybersecurity firm Avast said it found nearly 19,300 Firebase databases from a grand total of 180,300 that were left exposed online without authentication.
FIN7 Hackers Using Windows 11 Themed Documents to Drop Javascript Backdoor (The Hacker News) Hackers use Windows 11 Themed Documents in order to Drop Javascript Backdoors
Babuk ransomware's full source code leaked on hacker forum (BleepingComputer) A threat actor has leaked the complete source code for the Babuk ransomware on a Russian-speaking hacking forum.
Ransomware gang threatens to leak data if victim contacts FBI, police (BleepingComputer) The Ragnar Locker ransomware group is warning that they will leak stolen data from victims that contact law enforcement authorities, like the FBI. Ragnar Locker has previously hit prominent companies with ransomware attacks, demanding millions of dollars in ransom payments.
Why ransomware hackers love a holiday weekend (Ars Technica) Looking forward to Labor Day? So are ruthless gangs of cybercriminals.
USCYBERCOM Warns of Mass Exploitation of Atlassian Vulnerability Ahead of Holiday Weekend (SecurityWeek) USCYBERCOM and CISA are urging organizations to patch a critical vulnerability (CVE-2021-26084) affecting Atlassian Confluence Server and Data Center
Jenkins struck by 'Confluenza' as US Cyber Command warns Atlassian flaw 'cannot wait' (Register) How was your weekend? Got some patching done?
Jenkins project Confluence instance attacked (Jenkins project) The Jenkins infrastructure team identified a successful attack against our deprecated Confluence service. This blog post describes our responses.
The growing cybersecurity menace that is Droppers-as-a-Service (Security Brief) Droppers for hire are delivering bundles of malicious content to targets looking for cracked versions of popular business and consumer applications.
Fake pirated software sites serve up malware droppers as a service (Sophos News) Sites advertising “cracked” software packages lead into a network that serves up downloads full of malware instead.
Comcast RF Attack Leveraged Remotes for Surveillance (Threatpost) IoT vulnerabilities turned the remote into a listening device, researchers found, which impacted 18 million Xfinity customers.
IRS warns of stimulus check scams amid spike in reports (KTLA) The IRS this week warned people to be aware of scams tied to federal stimulus checks after the agency’s Criminal Investigation unit received a record number of reports in June and July. In pa…
Beware: Hurricane Ida relief efforts will be accompanied by scams (Avast) Watch out for fundraising scams, phone scams, and email scams related to Hurricane Ida relief efforts.
Kaspersky detects over 1,500 fraudulent resources targeting Crypto users (IBS Intelligence) Since the beginning of 2021, Kaspersky has detected more than 1,500 fraudulent global resources aimed at potential crypto investors or users..
Banksy was warned about website flaw before NFT hack scam (BBC News) Security researcher warned artist before hacker scammed a fan out of $336,000.
Fake Banksy NFT sells for nearly $340K after hacker reportedly taps into artist's site (CNET) An online auction was linked to from Banksy's official website.
HSE cyber-attack: Irish health service still recovering months after hack (BBC News) Almost four months after a ransomware attack on the Irish health service, disruption remains.
Security fears after Central Bank mistakenly gave out names and addresses of credit union bosses (independent) Security fears have been raised after the Central Bank mistakenly gave out the names and home addresses of credit union bosses.
UNM Health alerts patients about major cybersecurity attack (KOB7) One of New Mexico's largest health care providers is warning hundreds of thousands of its patients that their personal information may have been hacked.
Howard University cancels Tuesday classes as it investigates alleged ransomware attack (Washington Post) Howard University canceled classes for Tuesday after officials said the school is investigating what it describes as a ransomware cyberattack that disrupted Internet service across its Northwest Washington campus, according to a statement released by the university.
Dallas Schools Data Breach Exposed Student, Parent, Teacher Personal Information (Insurance Journal) A data breach at the Dallas public school system earlier this month exposed the personal information of students, parents, teachers and staff dating to
Car Hacking Danger Is Likely Closer Than You Think (Car and Driver) A Detroit Free Press report shows there were 150 automotive cybersecurity incidents in 2019 alone.
Data breach at US restaurant and gambling chain Dotty’s may have leaked sensitive customer information (The Daily Swig) Nevada-based hospitality firm confirms cyber-attack on its networks
TikTok Users and Coders Flood Texas Abortion Site With Fake Tips (New York Times) To protest Texas’ new abortion law, activists said, they pranked a website set up by the state’s largest anti-abortion group.
Vulnerability Summary for the Week of August 30, 2021 (CISA) The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Security Patches, Mitigations, and Software Updates
Old versions of Outlook losing support in Microsoft 365 (Computing) The company is urging customers to move to a newer version of Outlook before November
Office 365 to let admins block Active Content on Trusted Docs (BleepingComputer) Microsoft plans to allow Office 365 admins ensure that end-users can't ignore organization-wide policies set up to block active content on Trusted Documents.
Critical Auth Bypass Bug Affect NETGEAR Smart Switches — Patch and PoC Released (The Hacker News) NETGEAR Smart switches are vulnerable to a critical bug that allows attackers to take complete control of vulnerable devices.
'Demon's Cries' authentication bypass patched in Netgear switches (The Record by Recorded Future) Networking equipment vendor Netgear has patched three vulnerabilities in several of its smart switches that can allow threat actors to bypass authentication and take over devices.
WhatsApp patches vulnerability related to image filter functionality (ZDNet) Check Point Research discovered the vulnerability, which involved maliciously crafted image files.
Trends
IoT Attacks Skyrocket, Doubling in 6 Months (Threatpost) The first half of 2021 saw 1.5 billion attacks on smart devices, with attackers looking to steal data, mine cryptocurrency or build botnets.
Enterprises are missing the warning signs of insider threats (Help Net Security) The findings of this report reveal that enterprises are missing the warning signs of insider threats and the intent of perpetrators.
Getting ahead of a major blind spot for CISOs: Third-party risk (Help Net Security) For many CISOs and security leaders, it was not long ago that their remit focused on the networks and digital ecosystems for their organization alone. In
Cyberattacks grow 23% in Brazil in 2021 and reach 1,400 threats per minute (The Rio Times) Cyber-attacks, as the attempts to break into computers and mobile devices through online fraud are called, grew by 23% in Brazil in 2021, according to Kaspersky.
Brazil businesses have lowest cybersecurity budget; view area as "expense" and "support" (The Rio Times) The same amount is invested by a much smaller portion - 21% on average - of companies in Singapore and G7 members (Germany, Canada, United States, France, Italy, Japan and United Kingdom), since a large part of their system protection budgets range from US$1 million to US$5 million per year.
Cyber attack attempts more than double in Ethiopia this year: official (Xinhua) Ethiopia has recorded more than 2,800 cyber-attack attempts during the concluding Ethiopian 2020/2021 year, registering an alarming increase in such attacks, an Ethiopian official said on Monday.
Marketplace
Cyber Security: Understanding the faultlines (ETCIO.com) The overall growth of the Cyber Security industry is creating value for organizations. But it’s time we as an industry are held accountable to curb ..
Now might be a really good time to get into cyber security (Channel Asia) If you weren’t already plying cyber security products and services, perhaps it’s time to start.
Lossmaking SentinelOne leapfrogs Check Point in value (Globes) Wall Street investors prefer fast growing, exciting companies like SentinelOne, to profitable slow growth, veteran companies.
AnaCap invests in WebID, a leading German Digital Identity Verification-as-a-Service Provider (AnaCap) AnaCap Financial Partners (“AnaCap”), a leading specialist mid-market private equity investor in technology enabled financial services, today announces a majority investment in WebID, a leading German digital identification provider. AnaCap will provide significant growth capital and partner with the founders and existing management team to extend WebID’s product offering to other industries outside of the core financial services and telecoms space where it has a market leading position, such as eGovernment, eHealth, eCommerce and eMobility as well as support inorganic growth through future acquisitions.
Facebook apologises after AI puts ‘primates’ label on video of Black men (ETCIO.com) Facebook users who recently watched a video from a British tabloid featuring Black men saw an automated prompt from the social network that asked if t..
SolarWinds Named a New CEO Days Before Discovering Its Massive Hack. Here's Why Sudhakar Ramakrishna Says He Kept the Job (Yahoo) A breach of SolarWinds' software, discovered last year, gave hackers access to the data of companies and government offices
Huawei escapes U.S. chip ban by buying 4G Snapdragon chips instead of 5G (Phone Arena) Huawei has been able to get around the U.S. export rule change that prevents foundries using American equipment from shipping to Huawei. The company is able to buy 4G chips made by Qualcomm.
State Street to create 400 jobs in Kilkenny (RTE.ie) Financial services company State Street is to create 400 new jobs in Kilkenny as it sets up a new specialist team to provide technology infrastructure and cyber security services to support its group operations globally.
Up to 500 jobs available as Deloitte opens first Australian Centre for Innovation and Technology in SA (Premier of South Australia) Deloitte Australia is expanding its Adelaide operations with the opening of Australia’s first Centre for Innovation and Technology that will, over the next three years, create up to 500 jobs within automation, analytics, cyber and financial audit services.
Checkmarx Appoints Razi Sharir as Chief Product Officer (BusinessWire) Checkmarx, the global leader in developer-centric application security testing (AST) solutions, today announced that it has appointed Razi Sharir as C
Products, Services, and Solutions
DIGISTOR and Cigent Form Technology Partnership to Advance Zero Trust Data Protection and Secure Data at Rest (DAR) Storage Solutions (Yahoo) Companies partner to address data security needs across the entire lifecycle of a storage drive.
Blame Iran? This Israeli cyber firm is helping the internet’s weakest link (Haaretz) The cyber defense company Konfidas advises companies on how to protect themselves against ransomware attacks and identifies the weak spots in their defenses. It also provides security for small businesses.
Kroll Partners with SentinelOne to Accelerate Investigations and Response to Ransomware and Advanced Attacks (UK Today) SentinelOne, an autonomous cybersecurity platform company, today announced a strategic partnership with Kroll, the world’s premier provider of services and digital products related to governance, risk, and transparency. Through the partnership, SentinelOne’s Singularity XDR platform and ActiveEDR powers the Kroll Responder MDR service to accelerate investigations and response to ransomware and advanced attacks.
MyCena: A new revolutionary decentralized digital access solution to prevent ransomware attacks (MyCena) Founder and CEO of MyCena Security Solutions Press release Antiquated digital centralized security access is no longer fit for purpose...
One Answer to Government’s Cybersecurity Talent Gap (Governing) With staffs stressed by the pandemic and threats growing, managed security service providers can bring up-to-date expertise to bear while helping governments hold down costs.
Trend Micro launches WeDiscover Partner program to strengthen its footprint across MENA (Saudigazette) Trend Micro launches WeDiscover Partner program to strengthen its footprint across MENA
TEHTRIS and Proofpoint join forces to protect the main cyber threat vector: email (Global Security Mag Online) TEHTRIS announces the conclusion of an agreement with Proofpoint, a leading company in cybersecurity, compliance and enterprise messaging security, to expand its service offering and strengthen the hyper-automation of the TEHTRIS XDR Platform.
CyberProof Announces Partnership with Radiflow, a Leading Provider of Cyber Security Solutions for OT Systems & Industrial Networks (PR Newswire) CyberProof Inc., a UST company, announced today that it will be adding Radiflow, a leading provider of cyber security solutions for industrial...
Trulioo Selected by Zolve to Provide Real-Time Identity Verification (PRWeb) Trulioo, the leader in global identity verification, today announced a partnership with Zolve, an innovative neobank. Through the world’s la
Juice Technology Obtains International Certification for Portable EV Charging Cybersecurity (PR Newswire) Juice Technology AG, manufacturer of charging stations and software, and leading producer of portable charging stations for electric vehicles...
CREST launches new globally available practical penetration testing certification (CREST) CREST Registered Security Analyst (CRSA) certification available to book now through Pearson Vue centres worldwide.
Celerium Adds CMMC Level 3 Suppliers Course to Supply Chain Cybersecurity Education Program (PR Newswire) Celerium Inc., through its CMMC Academy initiative, now offers an online CMMC course intended to help U.S. government contractors and...
New infosec products of the week: September 3, 2021 (Help Net Security) The featured infosec products this week are from the following vendors: Absolute, Anomali, Cyware, Query.AI and Red Sentry.
Technologies, Techniques, and Standards
Research shows NIST, ISO supply chain standards have up to 89% overlap of risk controls (Federal News Network) Joanne Woytek said understanding how NIST SP 800-161 and ISO 20243 can work together will help agencies and contractors.
Zero-Trust Model Gains Luster Following Azure Security Flaw (Data Center Knowledge) Microsoft Azure vulnerability, ChaosDB, exposes the fact that enterprises can’t simply trust cloud providers to protect the infrastructure. Experts point to the zero-trust model and ID-based authentication as critical to cloud security strategy.
How Aussie MSP Data Central salvaged ‘devastating’ customer ransomware attack (ARN) Victoria-based managed service provider Data Central has helped salvage the operations of an unnamed customer following a major ransomware attack.
Insider threat initiative highlights ‘workplace culture’ on program’s 10-year anniversary (Federal News Network) Leaders are stressing the importance of a positive workplace culture to address all forms of insider threat.
Cybersecurity is tough work, so beware of burnout (ZDNet) Making sure that information security staff are taking care of their mental wellbeing is vitally important.
Proofpoint lawsuits underscore risk of employee offboarding (CSO Online) Nearly every employee leaving a company takes data or intellectual property, but few companies adequately screen and monitor for it. Recent court cases underscore the risk.
Lock down your Microsoft 365 account and keep hackers out in 5 easy steps (CNET) The US government suffered a data breach after hackers targeted Microsoft Office software. Here's how to protect your Microsoft apps and accounts.
What to Do If a Ransomware Attacks Your Computer (AARP) Ransomware attacks are on the rise. Regularly backing up your internal hard drive is one of many ways to thwart cybercriminals. Learn more tips.
How secure are your computer's privacy settings? (Yahoo) Here's why you should go back and evaluate your privacy settings to make sure they're still right for you.
Design and Innovation
Apple slams the brakes on plans to scan user images for child abuse content (ZDNet) Backlash stemming from privacy concerns has delayed the rollout.
Apple to Delay iPhone Update That Could Scan Device for Illegal Content (Wall Street Journal) The tech giant plans to make improvements to software that aimed to report collections of sexually exploitative images of children, amid a backlash from critics concerned about privacy erosion.
Apple delays controversial child protection features after privacy outcry (The Verge) Apple unveiled the feature in August
Apple Announces Delay of Child Protection Measures (SecurityWeek) Apple will delay the rollout of its controversial new child pornography protection tools, accused by some of undermining the privacy of its devices and services.
Apple delays the rollout of its plans to scan iPhones for child exploitation images (Washington Post) Security and privacy advocates were angered by the controversial decision to scan on its customers’ devices.
ACC innovates with Air Force CyberWorx (U.S. Air Force) Air Force CyberWorx is a Department of Defense cyber mission-focused, operational problem-solving organization that gives Airmen the tools to support Air Force operational problems by collaborating
How tech is a vital weapon against cyber information warfare (Information Age) Edwin Weijdema, global technologist, product strategy at Veeam, discusses how tech can be vital in the fight against cyber information warfare
Legislation, Policy, and Regulation
The Latest: Pakistan’s powerful intel chief arrives in Kabul (WKRG News 5) Pakistan’s powerful intelligence chief has made a surprise visit to the Afghan capital of Kabul. That’s according to two Pakistan officials who asked not to be named because th…
Taliban Claim Breakthrough in Afghan Resistance Haven (Wall Street Journal) The group said they had entered the Panjshir Valley, the only remaining area of armed resistance to their rule in Afghanistan, as they continued talks on the formation of a new government.
Panjshir Valley, last resistance holdout in Afghanistan, falls to the Taliban (Washington Post) The Taliban on Monday seized Panjshir province, a restive mountain region that was the final holdout of resistance forces in the country, cementing the group’s total control over Afghanistan a week after U.S. forces departed the country.
Opinion: The terrorism era is far from over. A new, more dangerous phase has begun. (Washington Post) On Sunday, the Biden administration separately dispatched both Secretary of State Antony Blinken and Defense Secretary Lloyd Austin to the Persian Gulf region. The goal, according to media reports, was to reassure allies there that even though President Biden withdrew U.S. forces from Afghanistan and said he wants to focus on security threats from China and Russia, the United States remains committed to fighting terrorist extremism.
American Spies Are Fighting the Last War, Again (The Atlantic) When the Cold War ended, the intelligence community failed to adapt. Today it faces a similar challenge.
STRATCOM Commander Warns Of China-Russia Coordination; Report Details AI Collaboration (Breaking Defense) "Our findings expose gaps between Chinese and Russian aspirations and the reality on the ground, bringing greater accuracy and nuance to current assessments of Sino-Russian cooperation," on AI, notes a new report by the Center for Security and Emerging Technology.
China Official Says Intelligent Vehicles Can Pose Security Risks (Bloomberg) Vice Minister says regulations must keep pace with risk. Blind investment in EV sector must be curbed: vice minister.
Fed up with constant cyberattacks, one country is about to make some big changes (ZDNet) Italy has faced a barrage of cyberattacks in recent weeks, and has struggled to cope with the fallout. But a new security agency and a fresh influx of funding could help turn the tide.
Resistance Is Futile (Foreign Affairs) The war on terror supercharged state power
Forever Wars Won’t End if the Surveillance State’s Still Here (The Daily Beast) The past 20 years have demonstrated that it is woefully ineffective at improving American national security. Republicans don’t mind—do Democrats?
To defeat adversaries in cyberspace, America must go on offense (New York Post) Following our humiliating Afghanistan retreat, America’s rivals will amplify their assaults on our credibility and defenses. China could attack Taiwan; Russia might further encroach against Ukraine…
The US military needs a seventh branch: The Cyber Force (TheHill) We clearly need a United States Cyber Force to stop disasters from happening in the first place.
Air Force to Reclassify Cyberspace Support Career Fields (SIGNAL Magazine) The move aims to create more versatile cyberspace career airmen, training and curriculum.
GCHQ uses social media in place of ‘tap on the shoulder’ to recruit cyber spies (Evening Standard) Cyber operatives have taken to Reddit and Instagram for the first time in a bid to find new talent.
Congress seeks to compel infrastructure operators to report cyberattacks (Roll Call) Some lawmakers want banks, oil and gas companies, tech providers, utilities and others to notify a top cybersecurity agency after an attack.
Countering ransomware: Lessons from aircraft hijacking (Atlantic Council) Ransomware has plagued organizations for more than a decade, but the last three years have experienced a surge in both the number of incidents and the ransoms demanded. To more effectively counter ransomware, the US government should develop a strategy that draws on lessons learned from addressing a surge in aircraft hijackings through the late 1960s and early 1970s.
Litigation, Investigation, and Law Enforcement
BKA secretly bought NSO spyware (Die Zeit) Lawyers at the BKA initially had concerns because Pegasus can do far more than German law permits. Nevertheless, according to information obtained by ZEIT, the software was procured.
BKA said to have bought controversial spy software (Tagesschau) According to research by NDR, WDR and SZ, the BKA is said to have purchased controversial spy software from Israel that can be used to monitor smartphones. Parliament is now to be briefed on it.
New Zealand Police Kill ‘Extremist’ Who Stabbed 6 in ISIS-Inspired Attack (New York Times) The man was under surveillance when he injured six people at a West Auckland supermarket on Friday, officials said. The prime minister called it a “terrorist attack.”
The man who committed the New Zealand stabbing attack was a known threat. Now, the nation’s counterterrorism laws are under scrutiny. (Washington Post) Ahamed Aathil Mohamed Samsudeen was under police surveillance when he attacked a group of people at an Auckland grocery on Friday. Authorities knew he was a threat, but New Zealand’s laws could not keep him in jail.
ProtonMail logged IP address of French activist after order by Swiss authorities (TechCrunch) ProtonMail, a hosted email service with a focus on end-to-end encrypted communications, has been facing criticism after a police report showed that French authorities managed to obtain the IP address of a French activist who was using the online service. The company has communicated widely about th…
ProtonMail Shares Activist's IP Address With Authorities Despite Its "No Log" Claims (The Hacker News) Despite its "no logs" policy, ProtonMail discloses an activist's IP address to authorities.
ProtonMail forced to collect an activist's IP address in police investigation (The Record by Recorded Future) Switzerland-based email provider ProtonMail said it was forced to log the IP address of one of its customers after it received a legally binding order from the Swiss government that it couldn't legally appeal or decline.
Gardaí seize infrastructure from HSE cyber attack gang (The Irish Times) Operation led by Garda believed to have prevented more than 750 ransomware hacks
TrickBot gang member arrested after getting stuck in South Korea due to COVID-19 pandemic (The Record by Recorded Future) A Russian man was arrested last week at the Seoul international airport on accusations of developing code for the TrickBot malware gang.
Guntrader breach perp: I don't think it's a crime to dump 111k people's details online in Google Earth format (Register) Plus: Police aren't treating breaches as terror offence
Lalbazar plans specialized pool of cyber cops, lines up training courses (The Times of India) Kolkata: In order to create a dedicated pool of cyber cops, who will specialize in cyber crime detection, Lalbazar has devised specific cutting edge a.
Lawsuit filed against DuPage Medical Group after cyberattack that may have compromised patient data (Chicago Tribune) The lawsuit alleges that DuPage Medical Group didn’t do enough to protect patients’ information and didn’t tell them quickly enough about the breach.
Calif. Privacy Enforcement To Heat Up As Regulation Matures (Law360) The California attorney general's willingness to work with companies to comply with the state's novel consumer privacy law was on full display in its first year of enforcement, but pressure is expected to ramp up as businesses lose their ability to cure deficiencies and consumers are given more power to flag violations.