South Africa’s Justice Department disclosed that the DoppelPaymer gang attempted an attack on the Guardians fund at the Masters office Pietermartizburg, Reuters says. The government-administered fund is “held by the courts in trust on behalf of minors, unborn heirs and missing or absent persons.” So far no ransom demand has been received.
Safety Detectives reports that Bangalore-based e-learning vendor Edureka was operating an unsecured Elasticsearch server. About twenty-five gigabytes of personal information belonging to some two-million users were exposed. The data have now been secured.
Menlo Security, investigating a criminal campaign targeting the hospitality sector, found that the gang made extensive use of captchas in their spoofed pages to lend credibility to their scam.
The Zerologon vulnerability continues to pose a significant risk, and Microsoft has published clarification of the patching and mitigation guidance it issued last month.
The US Under Secretary of Defense for Acquisition and Sustainment has outlined US plans to disentangle supply chains from Chinese-produced microelectronics, Breaking Defense reports. The Defense Department is working on a “microelectronics strategy” intended to secure the Defense Industrial Base against both economic and cyber threats.
In one of its periodic doctrinal rectifications of names, the US Army has decided to move away from talking of “information warfare,” substituting instead “information advantage.” The new usage is thought more conducive to achieving “decision dominance.” C4ISRNet deploys its hermeneutical skills to explain the distinctions at play.
The National Institute of Standards and Technology wishes to remind all that National Cybersecurity Awareness Month begins tomorrow.