— The cybersecurity community during the COVID-19 emergency
Cybersecurity And COVID-19: The First 100 Days (Forbes) With cybercrime accelerating as COVID-19 spreads, manufacturing and retail organisations are seeing the most attacks.
Joint Chiefs of Staff chairman says evidence suggests coronavirus was not man-made or released from lab (TheHill) The Pentagon’s top uniformed official on Tuesday maintained that available evidence indicates the virus that has caused a global pandemic was natural and not man-made or released purposely from a Chinese lab.
Intel shared among US allies indicates virus outbreak more likely came from market, not a Chinese lab (CNN) Intelligence shared among Five Eyes nations indicates it is "highly unlikely" that the coronavirus outbreak was spread as a result of an accident in a laboratory but rather originated in a Chinese market, according to two Western officials who cited an intelligence assessment that appears to contradict claims by President Donald Trump and Secretary of State Mike Pompeo.
State-sponsored hackers ‘trying to steal’ coronavirus vaccine research (The Week UK) China, Russia and Iran accused of targeting UK and US labs
NHS workers targeted by hostile states in 'malicious cyber campaigns' (The Telegraph) Healthcare workers and those at universities and pharmaceutical companies being urged to change their passwords
UK expects hacker attacks on COVID responders to last months: minister (Reuters) Sophisticated networks of hackers are targeting national and international organisations which are responding to the COVID-19 pandemic, Britain's foreign minister Dominic Raab said on Tuesday, calling them "particularly dangerous and venal".
'No Security Breach In Aarogya Setu App': Govt Assures After Ethical Hacker Raises Privacy Concerns (Outlook India) On Tuesday, a French hacker and cyber security expert Elliot Alderson had claimed that 'a security issue has been found' in the app and that 'privacy of 90 million Indians is at stake'.
Britain's decision to go it alone on contact tracing app may be costly (The Telegraph) The process of developing and rolling out an effective app in different countries has provoked widespread disagreement
()
COVID-19 Contact Tracing Apps: Effective Virus Risk Management Tools or Privacy Nightmare? (SecurityWeek) Whether contact tracing apps succeed in curtailing the spread of COVID-19 will not be known for weeks or even months after their us, but experts warn about privacy and security implications.
Why New Contact Tracing Apps Have A Critical WhatsApp-Sized Problem (Forbes) This is the staggering scale of the contact-tracing challenge intended to get us back to work.
Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware (KrebsOnSecurity) Fresenius, Europe’s largest private hospital operator and a major provider of dialysis products and services that are in such high demand thanks to the COVID-19 pandemic, has been hit in a ransomware cyber attack on its technology systems.
Malspam Campaigns Attempt to Install Remote Access Trojans (BankInfo Security) Several malicious spam campaigns using COVID-19 as a lure are attempting to install the Remcos remote access Trojan on victims' devices, according to Microsoft.
Surge in security concerns due to remote working (Journey Notes) More than half of businesses responding to a recent survey have seen an increase in email phishing attacks during the COVID-19 pandemic.
‘Dramatic Rise’ in Scam Websites Mimicking Online Streaming Services (CPO Magazine) 700 scam websites pretending to offer online streaming services are taking advantage of the recent pandemic lockdowns to steal personal data and credit card information.
Pandemic-Related Malicious Activity Rising, With Online Retailers Hardest Hit (Media Post) Spam and opportunistic detection rose 26.3%, while impersonations rose 30.3%, malware rose 35.16%, and blocking of URL clicks rose 55.8%. Lookalike domains are easily forged, according to a report
released Tuesday from Mimecast.
Risk Ledger Report: Impact of the COVID-19 Crisis on Supply Chain Security (Security Magazine) Risk Ledger, London-based cybersecurity company, part of the UK's Government's LORCA program, has produced a white paper designed to guide professionals who manage supply chain risks on how to tackle the situation.
Most Malicious Coronavirus-Related Domains Located in U.S. (SecurityWeek) The United States has the highest number of malicious domains with names associated with the current coronavirus crisis
Singapore scrapes fraudulent COVID-19 healthcare products from online stores (ZDNet) Since February, more than 1,700 product listings that contain fraudulent COVID-19 claims have been removed from local e-commerce sites and retail shops.
Senator Says AI Co. Evasive On Facial Recognition Software (Law360) A senior Democratic lawmaker has continued to press an artificial intelligence company that has reportedly offered its facial recognition software as a "contact tracing" tool to track the spread of the novel coronavirus, asking it to verify that its technology works and does not pose an undue threat to U.S. citizens' privacy.
White House coronavirus task force to be wound down around Memorial Day (CNN) The White House coronavirus task force will start to wind down later this month, a senior White House official told CNN on Tuesday.
Welcome Back to the Office. Your Every Move Will Be Watched. (Wall Street Journal) Employers plan new tools to measure office interactions and track workers’ health. Some offices say it’s the only way to reopen without a vaccine; others worry the new technology could remain in place even after the coronavirus pandemic is under control.
COVID-19 Pandemic Pummels Biometrics Market Causing Device Revenues to Drop by US$2 Billion While Forcing Investment (ABI Research) According to global tech market advisory firm, ABI Research, the COVID-19 pandemic is expected to cause a significant pushback on biometric device shipments, creating a major revenue drop of US$2 billion over the course of 2020.
Authentication methods: how coronavirus sped up adoption (Raconteur) Enforced home working has forced companies to reassess how they identify employees, and could be a catalyst for strong growth in the authentication sector.
Big Brother is eyeing some PPP loans. Here's why it might be time to give the money back. (Silicon Valley Business Journal) Public blowback against some larger companies caused the SBA to issue new guidance, altering the PPP landscape, experts say.
Learn digital ways soon to make your life easy; social-distancing set to last long even after lockdown (The Financial Express) The forced lockdown period is a good opportunity for everyone to learn basics such as making online fund transfers via the payment gateways, pay renewals, and check balances, etc from the comfort of home.
Cybersecurity Layoffs: Targeted MSSP, Software, and Appliance Cuts Continue (MSSP Alert) Amid the coronavirus pandemic & economic fallout, some cybersecurity companies disclose targeted layoffs and/or temporary pay cuts for remaining staff.
VMware confirms employee salary freeze, CEO pay cut (CRN Australia) Implemented a “number of cost management changes”.
Data show how some startup founders are still raising capital during the COVID-19 crisis (Fast Company) The cofounder of startup incubator and investor DataTribe believes that founders who can answer “yes” to all four of these essential questions are likely to successfully raise capital.
Israeli Startups Want More Cash But With Lower Valuations During Covid-19 Era, Says VC Partner (CTECH) Victor Orlovski, founding partner at Fort Ross Ventures spoke to CTech about what the coronavirus pandemic means for investors and local entrepreneurs
RapidFire Tools Releases Secure Remote Working Solution (Database Trends and Applications) To aid the transition to remote work, RapidFire Tools, a Kaseya company and provider of business-building IT technologies, is releasing the Network Detective Work from Home (WFH) solution.
Nixu Corporation Initiates a Cost Reduction Program to Address the Impact of the COVID-19 (Cision) Nixu Corporation estimates that the COVID-19 pandemic will lead to a situation where economic growth pace will slow sharply in 2020 and the economic impact will continue still in 2021.
CyberforCOVID | Cybersecurity Deals for Remote Work Security (Cyberforcovid) Find cybersecurity products that have discounts or special offers to help you or your business work more securely during COVID-19.
Cyber Attacks, Threats, and Vulnerabilities
Taiwan security officials link cyberattacks to Tsai inauguration (Focus Taiwan) Taipei, May 6 (CNA) Security officials suspect that recent cyberattacks on petrochemical companies in Taiwan could be linked to President Tsai Ing-wen's (蔡英文) second-term inauguration on May 20, but did not offer specifics Wednesday to support their claim.
Taiwan’s state-owned company CPC Corp. suffers ransomware attack (CyberScoop) Ransomware has struck the computer systems of Taiwan’s state-owned energy company, CPC Corp., according to forensic reports reviewed by CyberScoop.
Facebook says it dismantles disinformation network tied to Iran's state media (Reuters) Iran's state broadcaster has used hundreds of fake social media accounts to covertly spread pro-Iranian messaging online since at least 2011, targeting voters in countries including Britain and the United States, Facebook said on Tuesday.
Iranian hackers tried to help Scotland become independent, Facebook claims (HeraldScotland) Disinformation agents ran fake pages which churned out memes, cartoons and propaganda in support of the Yes movement.
RFE/RL: Facebook removes hundreds of disinformation accounts linked to Russia, Iran, and Georgia | KyivPost - Ukraine's Global Voice (KyivPost) Facebook has removed hundreds of social media accounts — more than half of them based in Russia, Iran, and Georgia — after finding they belonged to networks that were running influence campaigns. Facebook announced the move on May 5, saying it took them down in April as part of its ongoing efforts to purge its platforms …
Facebook removes accounts belonging to QAnon, VDARE anti-immigration group (CyberScoop) Facebook says removed 20 accounts, six groups and five pages caught fabricating personas to like and comment on QAnon posts to build engagement.
US: Russia Could Try to Covertly Advise Candidates in 2020 (Voice of America) The Department of Homeland Security and FBI warned states earlier this year that Russia could look to interfere in the 2020 U.S. elections by covertly advising political candidates and campaigns, according to a law enforcement memo obtained by The Associated Press.
Details of 44m Pakistani mobile users leaked online, part of bigger 115m cache (ZDNet) The leak is already under investigation in Pakistan since last month, April 2020.
WordPress Hacker Attacks One Million Sites in a Month (Infosecurity Magazine) Cross-site scripting bugs in plug-ins targeted in new campaign
A hacker group tried to hijack 900,000 WordPress sites over the last week (ZDNet) Massive hacking operations causes a 30 times spike in bad traffic.
Tarkett Lëtzebuerg: Cyber attack to have repercussions on work (RTL Today) About 500 people are currently employed by Tarkett in Wiltz and in Lentzweiler.
Crowdfunding platform ImpactGuru hit by cyber attack (MediaNama) In a cyber attack on ImpactGuru, a Mumbai-based crowdfunding platform, attackers got unauthorised access to the platform's website, Inc42 reported.
Nearly a Million WP Sites Targeted in Large-Scale Attacks (Wordfence) Our Threat Intelligence Team has been tracking a sudden uptick in attacks targeting Cross-Site Scripting(XSS) vulnerabilities that began on April 28, 2020 and increased over the next few days to approximately 30 times the normal volume we see in our attack data. The majority of these attacks appear to be caused by a single threat ...Read More
SAP discloses security lapses; says there was no data breach (Reuters) Business software group SAP disclosed on Tuesday that some of its cloud products did not meet contractual or statutory security standards and said it would take remedial action to fix the problem as soon as possible.
Firm's MDM Server Abused to Deliver Android Malware to 75% of Its Devices (SecurityWeek) A threat actor managed to infect more than 75% of the devices within a company by distributing their Android malware through a mobile device management (MDM) server.
Now we know what the P really stands for in PwC: X-rated ads plastered over derelict corner of accountants' website (Register) Naughty posters on hijacked subdomain show up in search results
BJC HealthCare warns patients of possible data breach (KMOV.com) BJC HealthCare experienced a data breach in March resulting in the possible exposure of the protected health informationof patients.
Professional data leakage: How did that security vendor get my personal data? (WeLiveSecurity) Antispam testing has created a lucrative business model for vendors selling spam feeds to testing organizations and security vendors alike. You might be surprised to find out how exactly your emails can end up in these feeds.
Virgin Media data breach: A different kind of security threat (SC Magazine) How can consumers expect businesses to protect their data from external attacks if their internal practices put them at risk? Claims can be brought under GDPR for material and non-material damage.
Hackers exploit Salt RCE bugs in widespread attacks, PoCs public (BleepingComputer) Hackers kept busy this weekend exploiting vulnerable Salt instances used in various infrastructures for server management and automation.
Researcher Demonstrates How to Easily Create Malicious Chrome Proxies (TechNadu) A security researcher has released the “CursedChrome” extension, which can set up proxies on target browsers allowing the launching of stealthy attacks.
Logistics giant Toll Group hit by ransomware for the second time in three months (ZDNet) Toll says that it has no intention of bowing to blackmail.
The world’s biggest PC games are fighting a new surge of cheaters and hackers (The Verge) Some game developers are using unique and controversial ways to combat cheating.
Fazecast jSerialComm (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 7.8
ATTENTION: Low skill level to exploit
Vendor: Fazecast
Equipment: jSerialComm
Vulnerability: Uncontrolled Search Path Element
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an unauthenticated attacker to execute arbitrary code on a targeted system.
SAE IT-systems FW-50 Remote Telemetry Unit (RTU) (CISA) 1. EXECUTIVE SUMMARY
CVSS v3 9.1
ATTENTION: Exploitable remotely/low skill level to exploit
Vendor: SAE IT-systems
Equipment: FW-50 Remote Telemetry Unit (RTU)
Vulnerabilities: Cross-site Scripting, Path Traversal
2. RISK EVALUATION
Successful exploitation of these vulnerabilities may allow an attacker to execute remote code, disclose sensitive information, or cause a denial-of-service condition.
Toll Group suffers second ransomware attack this year (iTnews) Hit by Nefilim infection.
Nearly 200 Law Firms Affected By Potential Data Leak (Law360) Potentially sensitive information belonging to 193 U.K. and global law firms including Baker McKenzie, Clifford Chance LLP and Hogan Lovells was posted publicly to a website that remained up for "an extended period" of time, according to a recent report by cybersecurity company TurgenSec.
Click Here to Find Out Who Falls for Scams (Infosecurity Magazine) What persuaded you to click was most likely some form of social proof.
Security Patches, Mitigations, and Software Updates
Firefox 76 arrives with password management and Zoom improvements (VentureBeat) Mozilla has launched Firefox 76 with new Firefox Lockwise password functionality, a change to how Zoom works, and a handful of developer features.
Office 365 to stop data theft by disabling external forwarding (BleepingComputer) Microsoft is planning to put a stop to enterprise data theft via email forwarding by disabling Office 365's email forwarding to external recipients by default.
Critical vulnerability found in WordPress plugin; patch available (TechGenix) A severe vulnerability in a popular WordPress plugin can be leveraged by hackers to inject arbitrary malicious code by a threat actor.
Cyber Trends
The SecureAuth 2020 State of Identity Report (SecureAuth) SecureAuth conducted the research using an online survey among 2,000 general population consumers in the U.S. Data was collected between March 16 and March 21, 2020. With nearly 50% of survey respondents currently in the U.S. workforce, the survey provides an objective data set with respect to the security and privacy habits consumers apply in both their personal and professional lives.
2020 Identity Breach Report - 4iQ (4iQ) This report offers insights into breached data trends and how it's weaponized in underground markets fueling Identity-based attacks across the globe.
LastPass Psychology of Passwords Report Reveals 91% of People Know Password Reuse is Insecure, Yet Two Thirds Do It Anyway (BusinessWire) Cognitive dissonance prevails, unchanged behaviors create new online security concern
Psychology of Passwords: Inside Risky Online Behavior (LastPass) Since 2016, we have analyzed how password practices and online behavior could be putting our personal identity and data at risk. Take a look at our infographic for the Psychology of Passwords 2020!
We beg, implore and beseech thee. Stop reusing the same damn password everywhere (Register) Survey finds 66% of lazy gits don't change between sites
Firms perceived to fake social responsibility become targets for hackers, study shows (Science Codex) Data breaches have become daily occurrences.
Bad password habits continue with 53% admitting to using the same password (TechRepublic) Ahead of World Password Day, a survey finds management is worse than junior staff at practicing good password hygiene, according to SecureAuth.
Australian Breach Notifications increase in the second half of 2019 but continue to lag behind other nations (Mondaq) Assessment of key trends from the Notifiable Data Breaches Report ending December 2019.
Marketplace
Cybersecurity Startup Orca Security Lands $20.5M Series A Funding (Orca) Orca Security provides deep cloud security in minutes, not Months. Unit 8200 taught me a lot about how to approach a problem...
Orchestra Group buys Israeli cybersecurity co Cronus (Globes) Cronus' developments will be integrated into Orchestra's broad raft of cybersecurity solutions.
Perspecta's second acquisition centers on electronic warfare, cyber convergence (Washington Technology) Just shy of two years since its launch, Perspecta makes the company's second acquisition and this deal centers on how electronic warfare and cybersecurity are closely linked.
BlackCloak Secures Funding from DataTribe to Fuel Growth Protecting the Homes and Personal Lives of Executives and High-Net-Worth Families from Cybercriminals (PR Newswire) DataTribe, a global cyber foundry that invests in and co-builds next-generation cybersecurity and data science companies with nation-state...
Could Oracle Solve Zoom Video Communications’ Biggest Problem? (The Motley Fool) The underdog cloud provider could help Zoom support more users and reduce its dependence on AWS and Azure.
Why MobileIron CEO Simon Biddiscombe isn’t scared (Diginomica) A look at what MobilIeon - the IT security company that did it ‘the other way round’ - plans to do next
Interview: Debra Danielson, CTO and SVP of Engineering, Digital Guardian (Infosecurity Magazine) Infosecurity speaks to Debra Danielson about mentoring in the information security industry
Crowdstrike: Strike Hard, Strike Fast (Seeking Alpha) CrowdStrike Holdings, Inc is a leading cybersecurity technology company as illustrated in Gartner's Magic Quadrant of Endpoint Protection Platforms in 2019.
Microsoft announces limited Azure Sphere bug bounty program (Help Net Security) Microsoft will launch a new security research / bug bounty program aimed at improving the security of Azure Sphere, its comprehensive IoT security solution.
Matthew G. Devost Joins Flashpoint Board of Directors (PR Newswire) Flashpoint, the globally trusted leader in risk intelligence, has today announced that Matthew G. Devost has been appointed to the company's...
Coalfire Appoints Cyber Vet Jim Pflaging to Board of Directors (PR Newswire) Coalfire, a provider of cybersecurity advisory and assessment services, today welcomed industry veteran Jim Pflaging to its board of directors....
After Data Hack, Capital One Brings in Goldman's Cyber Chief For Cleanup (Claims Journal) One of Wall Street's top cybersecurity czars is leaving Goldman Sachs Group Inc. to help take charge of the cleanup at Capital One Financial Corp., which
Plurilock Announces Addition of Cybersecurity Leader Ed Hammersla to B (PRWeb) Plurilock Security Solutions, Inc., leading provider of behavioral-biometric authentication technologies, this week announced the addition of seaso
SecureSky Accelerates Growth as it Expands its Strategic Advisory Board | HostReview.com (HostReview) SecureSky, a leader in the cloud security posture management and compliance solutions, announced the appointment of three new Advisory Board members.M
TransUnion Accelerates the Expansion of its Global Fraud Business and Hires Shai Cohen to Lead it (TransUnion) TransUnion (NYSE: TRU) today announced the creation of its Global Fraud & Identity Solutions Group, a move focused on uniting all aspects of the company’s fraud risk offerings, and the hiring of industry veteran, Shai Cohen, to lead the group.
Products, Services, and Solutions
King & Union Adds Threat Intelligence Services to Avalon Cyber Analysis Collaboration Platform (King & Union) King & Union today launched a suite of new service offerings to augment its Avalon Cyber Analysis Platform and help customers address the human aspect of threat intelligence operations, bridging common gaps that many security teams face.
Yellowbrick Data Forms Global Partnership With Next Pathway as Its Preferred Workload Migration Partner (BusinessWire) Yellowbrick Data, the industry’s leading data warehouse for hybrid cloud, and Next Pathway Inc., the Automated Cloud Migration company, today announce
Thales deploys GSMA-certified eSIM activation solution on Google Cloud (Help Net Security) Thales to use Google Cloud technology to deliver highly secure and scalable activation of eSIM (embedded SIM) capable devices.
Recorded Future to Provide Free Access to Elite Intelligence Through New Browser Extension (PR Newswire) Recorded Future, the largest global security intelligence provider, today released a free browser extension that helps prioritize SIEM alerts...
Thycotic rolls out ServiceNow integration for privileged service accounts (Security Brief) The integration aims to resolve workflow approvals, which is a common bottleneck for IT teams that manage privileged service accounts.
RMS Launches New Products and Models on RMS Risk Intelligence, the Unified Cloud Platform for Global Risk (BusinessWire) Latest product releases include Risk Modeler 2.0, new and updated HD Models and intelligent applications purpose-built for navigating the growing risk landscape
Acronis Launches World’s First Comprehensive Cyber Protection Solution in India (CXOToday.com) Able to curb cyberthreats and improve remote working practices during the pandemic. Enables service providers to cut costs by...
Veridify Security's DOME™ Client Library Achieves PSA Certified Level 1 Accreditation (PR Newswire) Veridify Security Inc., a leader in securing low-resource devices at the edge of the IoT, announced today that its DOME Client, running on the...
Technologies, Techniques, and Standards
Security Maturity and Business Enablement Survey Brief (AT&T Cybersecurity) Learn about the fielded survey and resulting thought leadership report by Enterprise Strategy Group (ESG) and AT&T Cybersecurity on the topic of security maturity and business enablement.
[Executive Summary] Security Effectiveness Report 2020 Summary for Federal (FireEye) When it comes to cyber security, federal agencies constantly wonder “Will our effort and strategy protect us from an attack?” Our Security Effectiveness Report 2020 confirms that continuous validation of effectiveness is critical to performance.
Forget Whitelists and Blacklists: Go for 'Allow' or 'Deny' (BankInfo Security) Forget "whitelists" and "blacklists" in cybersecurity. So recommends Britain's National Cyber Security Center, in a bid to move beyond the racial connotations inherent to the terminology. Henceforth, NCSC - part of intelligence agency GCHQ - will use the terms "allow list" and "deny list." Will others follow?
Research and Development
DoD cybersecurity tech to be standardized by RTI (Military Embedded Systems) Real-Time Innovations (RTI), the Industrial Internet of Things (IIoT) connectivity company, announced that it won $500,000 in additional government funding to continue support of their Small Business Innovation Research (SBIR) Phase II contract.
Is your smartphone pushing you to overshare? (Help Net Security) Smartphone devices can affect the extent to which they disclose intimate or personal information about themselves and can make people overshare.
It’s Not Me—It’s You: We Believe We’re Less Likely than Others Are to Fall for Online Scams (NYU) We believe we are less likely than others are to fall for phishing scams, thereby underestimating our own exposure to risk, a new cybersecurity study has found.
Legislation, Policy, and Regulation
#Disinformation – Commission welcomes intermediary report on Code of Practice (EU Reporter) The Commission welcomes the adoption by the European Regulators Group of Audiovisual Media Services (ERGA) of the monitoring report on the effectiveness of the Code of Practice on disinformation of October 2018.
Lawmaker to Introduce Bill to Help US Manufacturers Move Out of China (Epoch Times) Rep. Mark Green (R-Tenn.) is set to introduce a bill to help companies move their manufacturing from China ...
DNI Nominee Wants More Investments in Quantum Tech (MeriTalk) The Trump administration’s nominee for Director of National Intelligence told the Senate Intelligence Committee today he is worried about the lack of investments the U.S. is making in quantum computing technologies relative to those being made by China.
Analysis | The Cybersecurity 202: John Ratcliffe, spy chief nominee, hedged on whether Russia favored Trump in 2016 (Washington Post) It's still a litmus test for Trump's national security nominees.
75 small, micro agencies to have access to advanced cyber services under new award (Federal News Network) GSA and DHS awarded a $276 million contract to CGI-Federal to modernize the current shared services platform and add new capabilities.
Advocates Push Ahead With New Version Of Calif. Privacy Law (Law360) Sponsors of a California ballot measure that would revamp the state's landmark consumer privacy law say they are moving forward with plans to put the proposal on November's ballot, despite the impact of the COVID-19 pandemic.
AGs Urge Telecom Industry To Step Up Robocall Fight (Law360) Attorneys general from across states and territories are calling on the U.S. telecom industry to beef up technology needed to combat robocalls, as service providers roll out a working group to trace the sources of illegal calls.
Effective Cybersecurity Requires a ‘Whole of State Approach’ (Government Technology) At a virtual session of the NASCIO midyear conference, North Carolina Chief Risk Officer Maria Thompson explained why states must help their cities and counties in the fight against hackers.
Litigation, Investigation, and Law Enforcement
Govts Deployed Pegasus Spyware on People: NSO Group Tells US Court (The Quint) Israeli company NSO Group has submitted to a California court that government clients had used the Pegasus spyware.
InfinityBlack hacker group dismantled by European authorities (BleepingComputer) Europol announced today that Polish and Swiss law enforcement authorities dismantled the 'InfinityBlack' hacker group after arresting five of its members in Poland on April 29, 2020.
Europol arrests hackers behind Infinity Black hacker group (ZDNet) Polish police arrests five hackers for selling stolen user credentials and hacking tools.
European Police Bust Hacking Ring Targeting Loyal Shoppers (Law360) European police have taken down a hacking ring responsible for the theft of millions of loyalty points from unsuspecting shoppers in Poland and Switzerland, the bloc's law enforcement agency said Tuesday.
Cybereason Accuses Ex-Leader Of Taking Trade Secrets To SentinelOne (CRN) Cybereason has sued its former top product leader in an effort to block him from taking the company’s “most sensitive commercial secrets” to rival SentinelOne.
7th Circ. Says Ill. Biometric Consent Claims Have Standing (Law360) Federal courts can hear claims that employers violated biometric privacy laws by collecting fingerprints without the informed consent of their workers, because that's a concrete and particularized injury that establishes standing, the Seventh Circuit held Tuesday.
Class-action lawsuit dismissed against LU hacker (Sudbury.com) Spencer Brydges reaches settlement with students, staff pursuing litigation