Dateline: Hybrid wars in Ukraine, Russia, Israel, and Gaza.
Ukraine at D+656: Russia and Ukraine exchange cyberattacks. (CyberWire) Russia and Ukraine exchange cyberattacks, the former against a mobile and Internet provider, the latter against Moscow's taxman.
Israel-Gaza war live: NGOs call for UK government to intervene and halt arms sales to Israel (the Guardian) Four human rights groups write to UK ministers calling for halt in arms sales to Israel in response to war in Gaza
Minister of Defense: 'Nearing breaking point in Gaza; surrender and be spared' (Israel National News) Defense Minister Yoav Gallant: "Last Hamas strongholds in Jabalia and Shuja'iyya on the verge of collapse. Battalions and commanders, surrender and save your lives. The fate of Yahya Sinwar and every senior commander is the same - surrender or die."
Cyberattack on Irish Utility Cuts Off Water Supply for Two Days (SecurityWeek) Hackers launched a cyberattack on an Irish water utility, causing disruption and leaving people without water for two days.
Irish Utility Experiences Water Disruption after Politically Motivated Threat Actor Compromises Israeli Pumping System (WaterISAC) Last week, a group of unknown threat actors compromised a water pumping system for a "private group water scheme" in the Erris area of Ireland, resulting in the loss of water for 180 homeowners for two days. The perpetrators said the equipment - a "Eurotronics Israeli-made water pumping system" - was targeted due to the fact it originated in Israel, in an incident reminiscent of the recent exploitation of Unitronics PLCs.
Hackers hit Erris water in stance over Israel (Western People) Cybercriminals caused upheaval for 180 homeowners on a private group water scheme in the Erris area last week as their equipment was targeted in a politically motivated cyber-attack.
Russia targets Kyiv with ballistic missiles as fears increase of attacks on energy infrastructure (AP News) A Russian missile attack on Ukraine’s capital has destroyed several homes and left more than 100 households without electricity.
Russia-Ukraine war live: Zelenskiy to meet Biden in push for aid; Russian forces make ‘significant’ advances in south, Moscow says (the Guardian) Ukraine president in Washington to try to rescue $61bn aid package; Russian forces progress in Zaporizhzhia region, Moscow says
Stalemate Is Not Checkmate in Ukraine (Foreign Policy Research Institute) The ground war in Ukraine is currently stalemated. However, the current situation on the battlefield does not necessarily presage how the war will end. Kyiv
Ukraine risks losing swathes of territory regained from Russia earlier (Newsweek) Ukrainian commander Oleksandr Syrskyi said his forces are making necessary decisions to save lives and ammunition.
U.S. and Ukraine Search for a New Strategy After Failed Counteroffensive (New York Times) President Volodymyr Zelensky arrived in Washington at a critical moment, both on the battlefield and on Capitol Hill.
Impasse over Ukraine aid worries Zelensky, emboldens Putin (Washington Examiner) ‘BIG DIFFERENCES REMAIN’: With just a week to go before a scheduled Senate recess, a compromise on U.S. border security that would unlock funds for Ukraine and Israel remains elusive, with Democrats and Republicans each accusing the other of intransigence.
Channel Churchill and reclaim UK’s role in leading support for Ukraine, Sunak urged (The Telegraph) European allies want Britain to step up as Germany, France and the US struggle to maintain backing for Kyiv, say sources
Exclusive: European lawmakers send plea to Congress on Ukraine aid (Reuters) More than a hundred senior European lawmakers will send a joint letter to their counterparts in the United States on Tuesday, pleading for Congress to unlock further military aid to Ukraine at a time U.S. lawmakers have struggled for a deal.
Zelensky’s last-minute trip to Washington comes at a critical moment for Ukraine on the battlefield (CNN Politics) Ukrainian President Volodymyr Zelensky arrives for talks in Washington on Tuesday at a critical moment, as the White House warns American aid to Ukraine could imminently dry up and talks over new assistance are stalled in Congress.
Ukraine’s Zelenskyy issues plea for support during Washington visit (Military Times) Ukrainian President Volodymyr Zelenskyy spoke at the National Defense University on Monday.
U.S. Support for Ukraine 'Unshakable,' Says Austin (U.S. Department of Defense) America and a coalition of some 50 allies and partners are determined to help Ukraine fight to defend its territory and its citizens and to extend its battlefield gains, Secretary of Defense Lloyd J.
Zelensky warns Orban of consequences of EU snub (The Telegraph) Ukrainian leader said to have confronted Hungarian PM over his opposition to Kyiv being allowed to join the bloc
Norway, UK join forces to lead Maritime Capability Coalition for Ukraine, counter Russian threat (Breaking Defense) "This [ coalition support] will be long term to help Ukraine transform its navy, making it more compatible with western allies, more interoperable with NATO, and bolstering security in the Black Sea," said the UK Ministry of Defence.
Kyivstar Cyberattack: Ukraine’s Largest Mobile Operator Knocked Out, Millions Lose Service (KyivPost) Kyivstar’s takedown may be the largest successful cyberattack on Ukraine since Russia launched its 2022 invasion. While millions lacked mobile and internet service, users’ data wasn't compromised.
Ukraine's top mobile operator hit by biggest cyber attack of war so far (Reuters) Ukraine's biggest mobile network operator, Kyivstar, was hit on Tuesday by what appeared to be the biggest cyber attack of the war with Russia so far, knocking out mobile and internet services for millions.
Ukraine’s Kyivstar Says It Faces ‘Powerful’ Cyberattack (Bloomberg) Ukraine’s biggest mobile operator, Kyivstar GSM JSC, was hit by a “powerful” cyberattack on Tuesday that disrupted phone and Internet services in various parts of the country.
Ukrainians lose internet as major mobile operator down (Newsweek) The Kyivstar telecommunications company reported a network failure on Tuesday morning.
Cyber Assault on Kyivstar Escalates Cybersecurity Concerns (BOL News) Kyivstar, Ukraine's largest mobile network operator, sustained a massive cyber attack on Tuesday
GUR says it has hacked servers of Russian tax service (Interfax-Ukraine) Units of the Main Intelligence Agency (GUR) of the Ministry of Defense of Ukraine have carried out a successful special operation on the territory of the Russian Federation, attacking the tax system of the aggressor state.
Analysis: Russian hackers using Outlook zero-day in campaign targeting NATO nations (CyberDaily) Ukraine, the United Arab Emirates, and Jordan are also among 14 targeted nations, according to security researchers.
Kremlin Critic Alexei Navalny Goes Missing: He Hasn’t Been Heard From In 6 Days (Forbes) Navalny is serving a 19-year prison sentence on charges of extremism.
Attacks, Threats, and Vulnerabilities
Unauthenticated Access to GCP Dataproc Can Lead to Data Leak (Orca Security) In this blog, the Orca Research Pod explains an important discovery that puts Google Cloud Dataproc clusters at risk of data security issues.
North Korean Hackers Developing Malware in Dlang Programming Language (SecurityWeek) North Korean hackers have used Dlang-based malware in attacks against manufacturing, agriculture, and physical security organizations.
North Korean hackers using Log4J vulnerability in global campaign (Record) Hackers connected to North Korea’s Lazarus Group have been exploiting the Log4j vulnerability in a campaign of attacks targeting companies in the manufacturing, agriculture and physical security sectors.
China claims 'foreign software' stealing classified and sensitive data (Interesting Engineering) China has upped the ante on espionage and introduced stricter warnings on possessing unauthorized information related to national interests.
Alleged Chinese cyberattacks target US power and water systems (SiliconANGLE) Alleged Chinese cyberattacks target US power and water systems - SiliconANGLE
Microsoft: Mystery Group Targeting Telcos Linked to Chinese APTs (Dark Reading) Analysis shows evidence the previously unknown Sandman group shares backdoor malware with various Chinese APT groups.
Security Brief: TA4557 Targets Recruiters Directly via Email (Proofpoint) What happened Since at least October 2023, TA4557 began using a new technique of targeting recruiters with direct emails that ultimately lead to malware delivery. The initial emails are benign and...
Investigation: Probable DPRK Online Personas Used To Fraudulently Obtain Remote Employment at U.S. Companies (Nisos) Dive into our latest research: DPRK IT workers' covert tactics for remote U.S. jobs, posing risks like sanctions violations and intellectual property leaks. Stay informed, protect your business.
Threat Actor Targets Recruiters With Malware (Infosecurity Magazine) Recruiters are warned to educate staff about surge in phishing attacks from threat group TA4557
New PoolParty Process Injection Techniques Outsmart Top EDR Solutions (The Hacker News) New process injection techniques called "PoolParty" allow code execution on Windows systems while evading EDR detection.
Six of the most popular Android password managers are leaking data (ZDNET) Another reason to keep your software updated: Security researchers find these password managers on Android share a vulnerability that could cause password leaks.
Europol Raises Alarm on Criminal Misuse of Bluetooth Trackers (Infosecurity Magazine) The majority of reported cases involved cocaine smuggling
How cybercriminals are using Wyoming shell companies for global hacks (Reuters) Somali reporter Abdalle Ahmed Mumin was doubly distressed when he heard that a colleague had been abducted by masked gunmen at the University of Mogadishu on the morning of Aug. 17.
‘Tis the Season for Fraud Attacks: Banks, Credit Card, and BNPL Hit (Socure) We found holiday season brought fraud spikes…except in one industry, which actually saw a rise in good identities. Here’s what we learned.
US healthcare giant Norton says hackers stole millions of patients' data during ransomware attack (TechCrunch) Hackers accessed the personal and health data of 2.5 million patients — and employees — during a May ransomware attack.
Lynch Carpenter Investigates Claims in Norton Healthcare, Inc. Data Breach (EIN News) Norton Healthcare, Inc. (Norton) recently announced that it suffered from a data breach between May 7 and May 9, 2023, which impacted the personal information
2.5m people's data lost in Norton hospital ransomware hit (Register) AlphV lays claims to the intrusion
Cold storage giant Americold discloses data breach after April malware attack (BleepingComputer) Cold storage and logistics giant Americold has confirmed that over 129,000 employees and their dependents had their personal information stolen in an April attack, later claimed by Cactus ransomware.
Counter-Strike 2 HTML injection bug exposes players’ IP addresses (BleepingComputer) Valve has reportedly fixed an HTML injection flaw in CS2 that was heavily abused today to inject images into games and obtain other players' IP addresses.
Nearly 7 Million Consumers Impacted by 23andMe Data Breach (JD Supra) On Oct. 6, 2023, a genetic testing company offering ancestry and health reports, 23andMe, announced that its consumers’ data was listed on the dark...
Alarming cybersecurity gaps found in Australia's top hospitals (SecurityBrief Australia) Over a third of Australia's top-rated hospitals lack necessary protections against email fraud and spoofing, reveals a cyber security study.
Vulnerability Summary for the Week of December 4, 2023 (Cybersecurity and Infrastructure Security Agency | CISA) High Vulnerabilities Primary Vendor -- Product Description Published
Security Patches, Mitigations, and Software Updates
Apache Patches Critical RCE Vulnerability in Struts 2 (SecurityWeek) Apache has addressed a critical-severity Struts 2 file upload vulnerability that could lead to remote code execution.
Google Patches Chromecast Vulnerabilities Exploited at Hacking Contest (SecurityWeek) Google has patched several high and moderate-severity Chromecast vulnerabilities demonstrated earlier this year at a hacking competition.
Apple Releases Urgent Security Updates to Protect Older Devices (OPP.Today) Apple Releases Urgent Security Updates to Protect Older Devices - OPP.Today
Trends
State of Authentication Survey Results Announced (Axiad) Survey Reveals Nearly 90% of IT Pros Felt Prepared for a Password-Based Cyberattack, Yet More Than Half Fell Victim to One.
Crypto scam losses doubled in 2023 (Atlas VPN) Scammers have become more sophisticated, and many crypto investors still lack understanding about securely storing and transferring digital assets.
Marketplace
Some AI Startups Find the Money’s No Longer So Easy (The Information) The venture capital gravy train for artificial intelligence startups may be slowing down. Some young startups have struggled to close rounds investors would have jumped to win a year ago. Take Liquid AI, which is developing a new kind of AI model that can learn while in use, not just during its ...
How cybersecurity is impacting the insurance industry (Digital Insurance) Cybersecurity is a major concern for insurers, with a recent shutdown at AFI due to suspicious network activity showing how close to home a cyber threat can be.
Debunking the misconceptions of cyber insurance: Marsh (ITWeb) There remains a misleading perception that cyber insurance does ‘not pay’ or ‘does not respond as required’ to key cyber events, says Spiros Fatouros, CEO of Marsh McLennan Africa.
Reps from Biden administration met in Pittsburgh to discuss Aliquippa cyber attack (CBS News) Last month, the Municipal Water Authority of Aliquippa suffered a cyber attack that the FBI says originated in Iran.
NSA Job Opportunities Grow Outside of Maryland and Northrop Grumman's New Facility to Create 300+ Jobs (ClearanceJobs) NSA lays foundation for JCC at Buckley Space Force Base, as Northrop Grumman invests $200M, generating 300+ jobs in Virginia.
BlackBerry Cancels Spinoff of Internet-of-Things Unit, Names New CEO (Bloomberg) BlackBerry Ltd. will no longer spin off its its internet-of-things business, a reversal from a previously announced turnaround plan.
Science Applications announces plan to reorganize its business (NYSE:SAIC) (Seeking Alpha) Science Applications International (SAIC) announces a reorganization, replacing current sectors with five new business groups and initiating an external...
3 Companies Awarded Spots on $125M NIST Cybersecurity & Privacy Support Services IDIQ (HS Today) Three companies have won spots on a potential five-year, $125 million small business set-aside contract to provide cybersecurity and privacy support services to the National Institute of Standards and Technology.
Action1 Expands into Europe, Opens Data Center in Germany (Action1) A US-based patch management vendor is expanding into crucial EU regions and opening a data center in Frankfurt to ensure stringent GDPR compliance.
Products, Services, and Solutions
Fortress Information Security and CodeSecure Team Up to Analyze Software Bill of Materials and Remediate Critical Vulnerabilities (Fortress Information Security) Fortress Information Security (Fortress) and CodeSecure today announced a partnership to offer new capabilities to map open-source software components and find and understand quality and security defects in third party or commercial software.
Fortinet brings AI help to enterprise security teams manage threats (Network World) Fortinet Advisor aims to help customers respond to threats more quickly
ESET Partners With KPN to Bring DNS Filtering Solution to Dutch Homes (TelecomTalk) ESET and KPN partner to offer ESET NetProtect, a DNS filtering solution, to KPN's customers in the Netherlands. This service protects home networks and IoT devices from malware, phishing, and unwanted content.
ESET integrates threat Intelligence with Microsoft Sentinel for superior cybersecurity (SecurityBrief Asia) ESET combines its renowned threat intelligence with Microsoft Sentinel's incident response capabilities, boosting cybersecurity protection.
Nedap Launches Access AtWork® - Nedap (Nedap) Nedap (AMS:NEDAP), a global leader in security solutions, today announces the launch of a SaaS access control system which brings convenience and security together in one solution. Access AtWork® meets the needs of companies looking to replace their outdated on-premises systems with modern and easy-to-use software that provides better insights with less effort and smaller investment.
Fime becomes first European lab accredited by NVLAP for biometric testing. (Fime Group) Fime France has become the first European lab and the third worldwide to be accredited by National Voluntary Laboratory Accreditation Program (NIST)’s National Voluntary Laboratory Accreditation Program (NVLAP) for biometric testing (NVLAP Lab Code 600365-0).
Reco.ai Is Changing the Game of SaaS Security (Reco.ai) Connecting in Minutes, Reco.ai Discovers Every App, Its Users, and Actions to Seamlessly Prioritize and Control the Risks in the SaaS Ecosystem
Delinea Joins the Microsoft Security Copilot Partner Private Preview (PR Newswire) Delinea, a leading provider of solutions that seamlessly extend Privileged Access Management (PAM), today announced its participation in the...
Snyk Launches Snyk AppRisk, Establishing the Next Era of Developer Security Focused on Enterprise-Scale Application Risk Management (GlobeNewswire News Room) Industry-First ASPM Solution Will Enable AppSec Leaders to Reduce Risk, Improve Developer Productivity and Provide Security Transparency with C-Suite...
Aqua Named Leader in GigaOm Radar for Container Security (Aqua) Aqua Security, the pioneer in cloud native security, ranked as the overall leader in the GigaOm Radar for Container Security.
Centerbase Relies on Object First’s Ootbi to Reinforce its Data Protection Strategy! (Object First) Ootbi’s out-of-the-box immutability ensures Centerbase delivers faster backup speeds and recovery time, eliminating downtime amid rising ransomware threats
Veeam Broadens Data Protection and Ransomware Recovery Capabilities for Microsoft 365 (Veeam Software) Veeam adds Backup-as-a-Service capabilities for Veeam Backup for Microsoft 365, which protects close to 18 million Microsoft 365 users around the world
DataDome Launches Device Check, the First Truly Invisible CAPTCHA Alternative to Keep Bots at Bay and Human Users Secure (PR Newswire) DataDome, a leading provider of AI-powered online fraud and bot management, today announced it is taking its bot protection offerings to a...
BT and Netskope Partner to Provide Secure Managed Services to the Modern Hybrid Enterprise (Netskope) BT and Netskope, a leader in Secure Access Service Edge (SASE), today announced a partnership to bring
Introducing Fine-Grained Authorization With Descope (Descope) Implement granular access controls for your app with Descope SDKs and APIs. Assign fine-grained user permissions based on more than just their roles.
AppDirect Announces Development of AI Marketplace, Empowering Organizations to Fully Leverage, Adopt, and Monetize AI (Business Wire) Marketplace platform and digital commerce leader develops solution with simple, intuitive interface that enables users to build custom AI bots
Apple’s Nonsensical Attack On Beeper For Making Apple’s Own Users Safer (Techdirt) Apple has spent the past few years pushing the marketing message that it, alone among the big tech companies, is dedicated to your privacy. This has always been something of an exaggeration, but ce…
Apple shuts down app that let Android users send blue-bubble texts to iPhones (Yahoo Finance) Apple blocked Beeper Mini days after it launched, calling it a security and privacy threat.
Technologies, Techniques, and Standards
A Note on progress…NIST’s Digital Identity Guidelines. (NIST) In August 2023 the Digital Identity Guidelines team hosted a two-day workshop to provide a public update on the status of revision 4.
Artificial Intelligence Working Group (Cloud Security Alliance) AI plays a critical role in the realm of cloud security as it enables the ability to learn at a rapid rate. This group researches how AI could improve cybersecurity.
How Do You Know Ethical Hackers Can Be Trusted? (HackerOne) HackerOne has rolled out new updates that make our human-powered security program the most trusted in the industry.
A Gigantic New ICBM Will Take US Nuclear Missiles Out of the Cold War-Era but Add 21st-Century Risks (SecurityWeek) New “Sentinel” nuclear missiles will need to be well protected from cyberattacks, while its technology will have to cope with frigid winter temperatures where the silos are located.
New Microsoft Incident Response team guide shares best practices for security teams and leaders (Microsoft) As enterprise networks grow in both size and complexity, securing them from motivated cyberthreat actors becomes more challenging.
Stamus Networks Supports NATO Red Teaming Cyber Exercise for the Fifth Consecutive Year (Stamus Networks) Twelfth annual Crossed Swords will see Stamus Networks share expertise and technology to develop and test the capabilities and practical skills of participants
Design and Innovation
Deciphering AI's impact on cybersecurity: Friend or foe? (Computing) The landscape of business operations is undergoing a significant transformation with the integration of artificial intelligence (AI). Through automation, data analysis and predictive capabilities, AI is reshaping how businesses operate as companies look to galvanise on the opportunity to boost productivity.
TikTok owner ‘scraping’ UK news sites to train ChatGPT rival (The Telegraph) Bytedance’s bot is said to have targeted publishers including The Guardian and Daily Mail
Adapting cybersecurity for the quantum computing era (Help Net Security) In this Help Net Security round-up security experts talk about quantum computing and its profound implications for data security.
Research and Development
The NCSC research problem book (NCSC) The most significant problems which the NCSC believes are in need of concerted and significant collaborative effort from multiple and diverse disciplines over the next decade.
Legislation, Policy, and Regulation
Joint Statement on the United States-European Union 9th Cyber Dialogue in Brussels (United States Department of State) The text of the following statement was released by the Government of the United States of America and the European Union on the occasion of the 9th U.S.-EU Cyber Dialogue. Begin TextThe United States and the European Union held the 9th U.S.-EU Cyber Dialogue in Brussels, Belgium, December 6-7, 2023. The United States and European […]
Tri-Nation cybersecurity summit marks milestone in global collaboration under GCTF (Financial Express) In a historic moment, US Ambassador to India Eric Garcetti, Taiwan’s Representative Baushuan Ger, former National Cyber Security Coordinator of India Lt Gen Rajesh Pant, and the United Service Institution of India jointly hosted the event.
What’s making critics most worried about competing surveillance bills in the House (Washington Post) There are two competing House proposals to revise and extend a potent surveillance tool due to expire at year’s end — and the opposing sides of the debate have tried to paint each other’s bills as fatally flawed.
Connecticut joins FCC partnership to strengthen cybersecurity enforcement (StateScoop) Connecticut is the latest state to partner with the Federal Communications Commission as part of an effort to boost investigations related to cybersecurity and consumer data.
New York Cybersecurity Regulation Amended and Expanded (JD Supra) On November 1, 2023, the New York Department of Financial Services (NYDFS) adopted amendments to its Cybersecurity Regulation, 23 NYCRR Part 500...
Litigation, Investigation, and Law Enforcement
The SEC action against SolarWinds highlights how tough it can get for CISOs (CSO Online) Examining what went wrong with SolarWinds’ handling of cyberattack reporting provides a cautionary tale for aspiring and incumbent security leaders alike.
How the 2016 election could factor into the case accusing Trump of trying to overturn the 2020 race (AP News) Prosecutors and lawyers for Donald Trump have signaled desire to invoke the 2016 election in the former president's trial on charges of scheming to overturn 2020 election results.
BlackCat ransomware site down amidst rumours of law enforcement action (Computing) The official leak website of the ALPHV ransomware group, aka BlackCat, has been offline for five days, fuelling speculation that law enforcement may have finally caught up with the prolific ransomware group.
No confirmation on rumored ALPHV/BlackCat site takedown by law enforcement (SC Media) While one research group maintains the leak site outage by the ransomware group was law enforcement-related, there’s still no official word from the FBI.
Kelvin Security hacking group leader arrested in Spain (BleepingComputer) The Spanish police have arrested one of the alleged leaders of the 'Kelvin Security' hacking group, which is believed to be responsible for 300 cyberattacks against organizations in 90 countries since 2020.
Spanish Police Nab Venezuelan Leader of Kelvin Security Hacker Group (Hackread) The arrested Venezuelan individual now faces charges including membership in a criminal organization, disclosure of secrets, computer damage, and money laundering.
Alleged leader of Kelvin Security hacker gang arrested in Spain (Record) Spanish national police said they detained the unnamed suspect in the port city of Alicante.
PSNI: Data breach 'wake-up call' for UK forces, review says (BBC) In a major data breach, details of nearly 10,000 staff including their names, were released by mistake.
Largest police data breach in UK history ‘went unnoticed’ by officials (The Telegraph) Review into the PSNI scandal criticises failure to protect sensitive information of almost 10,000 officers and staff
Northern Ireland police data breach report finds force-wide security failings (Sky News) More than 9,500 police officers and civilian staff had personal details wrongly published online in what was described as "the most significant data breach that has ever occurred in the history of UK policing".
Air Force disciplines 15 people in Discord leaks investigation (Washington Post) Jack Teixeira is alleged to have leaked secrets online alone, but superiors failed to stop ‘questionable activity’ they witnessed, investigators found
The Air National Guard disciplines 15 members in wake of Discord intel leak (NPR) The Air Force says it's disciplining 15 members following it's investigation of Jack Teixeira, an Air National Guardsman accused of classified leaks online.
Air Force Disciplines 15 Officers for Massive Leak (Wall Street Journal) An investigation found a series of failures that allowed the Air National Guardsman to post secrets on a social-media platform.
Jack Teixeira got security clearance despite history of violent threats (Washington Post) As he tapped anxiously at his computer keyboard one afternoon in early spring, Charles wondered when the FBI would arrest his best friend.
Pentagon leaker Jack Teixeira got intel briefings despite low-level job, bombshell Air Force investigation reveals (New York Post) The 21-year-old caught this year leaking highly sensitive Pentagon documents online was only meant to maintain his unit’s HVAC units and answer phones when he gained access to the top secret …
Google Loses Antitrust Case Brought by Epic Games (Wall Street Journal) San Francisco jury said Google created antitrust market with its app store
Epic win: Jury decides Google has illegal monopoly in app store fight (The Verge) Victory Royale.
R.R. Donnelley & Sons data breach $979K class action settlement (Top Class Actions) R.R. Donnelley & Sons agreed to pay $979,704 to resolve claims that it failed to prevent a 2021 data breach that compromised client information.
Long Island dental insurer to pay $400,000 penalty after 2021 data breach (Newsday) The company, Healthplex, of Uniondale, must also improve the security of its data system, according to an agreement with the office of New York State Attorney General Letitia James.
Former Dollar Tree employee suing company over data breach (WAVY) Dollar Tree, which is headquartered in Chesapeake, is facing a class action lawsuit.
UK police return £8 million in bitcoin stolen by chronically ill bed-bound thief (Record) Police in Lancashire in North West England have managed to return around £8 million ($10 million) in bitcoin to a man whose cryptocurrency was stolen back in 2017.