Vyacheslav Kopeytsev and Seongsu Park write: We named Lazarus the most active group of 2020. We’ve observed numerous activities by this notorious APT group targeting various industries. The group has changed target depending on the primary objective. Google TAG has recently published a post about a campaign by Lazarus targeting security researchers. After taking a closer look,…
Month: February 2021
Indian Army Probes Alleged Data Breach In Northern Command Amid Border Tensions
Shloak Prabhu reports: The Indian Army is probing an alleged case of data breach in its northern command after a soldier was caught sharing data with Pakistani operatives. The data breach matter came to light after army officials caught the soldier from Punjab who was posted with the Northern Command. This came amid Indian Army’s…
March 1, 2021: Deadline for Reporting 2020 Small Healthcare Data Breaches
Reminder: March 1, 2021: Deadline for Reporting 2020 Small Healthcare Data Breaches
Privacy Policy Ponderings
Matt Fisher writes: … Could a Privacy Policy be viewed as a contract of adhesion? First, that raises the question of what exactly is a contract of adhesion. It can be a standard form contract that is drafted by one party, often with more leverage, and presented to another party for acceptance without the opportunity…
Insider Cloud Data Theft Plagues Healthcare Sector
Phil Muncaster reports: Over a third (35%) of global healthcare organizations suffered cloud data theft by malicious insiders last year, according to data from Netwrix. The findings come from the security vendor’s 2021 Netwrix Cloud Data Security Report, based on interviews with 937 IT professionals around the world. It claimed that while insider theft was less…
Fr: Montélimar: a transport group targeted by a cyber attack
The Charles André group, headquartered in Montélimar, would have been the target of a cyberattack, Le Dauphiné Libéré learned on Monday February 22 from several corroborating sources. (Translated from Le Dauphine, which reports the firm has not responded to inquiries asking whether this was a ransomware attack). h/t, @Chum1ng0