Facebook and Twitter warned yesterday that users may have unwittingly compromised personal information to two data-harvesting apps downloaded from Google Play: Giant Square and Photofy, by developers One Audience and Mobiburn, reports CNBC.
Nursing homes affected by a ransomware attack against Virtual Care Provider, a company that provides the care facilities with a range of IT and security services, have received their ransom demands. Those demands, CBS News says, amount to $14 million. The infection vector appears to have been a protracted series of phishing emails carrying malicious attachments.
The US Department of Energy has released its unclassified evaluation of its cybersecurity program. The inspectors found a variety of familiar, recurring issues at energy installations, including several facilities managed by the National Nuclear Security Administration. Among those issues is a persistent failure to patch.
Sony Pictures was hacked five years ago this week. Principal responsibility for the attack was widely and convincingly attributed (by the US Government and others) to the North Korean government. But the Hollywood Reporter recounts skepticism from film business people who were around Sony Pictures at the time who continue to wonder what happened. Here's the US Department of Justice statement about accused Lazarus Group figure Park Jin Hyok for his role in the Sony attack and other capers.
The US Cybersecurity and Infrastructure Security Agency has issued some advice on how to shop safely during the holiday season. In the US that season opens with Thanksgiving; the shopping season hits the following day, Black Friday.