School districts continue to be low-hanging fruit for threat actors. While Grief threat actors hacked and then dumped data from Clover Park School District in Washington, Booneville School District in Mississippi, and Lancaster ISD in Texas, Vice Society hacked and then dumped data from Whitehouse ISD, also in Texas. On June 28, DataBreaches.net emailed Whitehouse…
Author: Dissent
Dutch ethical hackers on a mission to fix the internet
AFP has a nice piece on Victor Gevers and the Dutch Institute for Vulnerability Disclosure. No, DIVD are not new kids on the block. They have been around for years, quietly and responsibly disclosing vulnerabilities, which is why some of us were appalled — and furious — when Victor was falsely accused of lying about…
Microsoft, Google, Citizen Lab blow lid off zero-day bug-exploiting spyware sold to governments
Iain Thomson reports: Software patches from Microsoft this week closed two vulnerabilities exploited by spyware said to have been sold to governments by Israeli developer Candiru. On Thursday, Citizen Lab released a report fingering Candiru as the maker of the espionage toolkit, an outfit Microsoft code-named Sourgum. It is understood the spyware, code-named DevilsTongue by Microsoft, exploited…
Za: Bank account details stolen in major insurance hack in South Africa
Jan Vermeulen reports: An attack on debit order collection company Qsure has impacted several South African insurers who use its services, including Hollard and Guardrisk. Australian security researcher Troy Hunt recently posted a notice from Ooba to its clients saying that although they do not yet know if any Guardrisk and Ooba clients were affected,…
Rewards for Justice – Reward Offer for Information on Foreign Malicious Cyber Activity Against U.S. Critical Infrastructure
The following announcement is from the U.S. Department of State today: The U.S. Department of State’s Rewards for Justice (RFJ) program, which is administered by the Diplomatic Security Service, is offering a reward of up to $10 million for information leading to the identification or location of any person who, while acting at the direction or under the…
U.S. Government Launches First One-Stop Ransomware Resource at StopRansomware.gov
Press release from the Department of Justice today: Today, as part of the ongoing response, agencies across the U.S. government announced new resources and initiatives to protect American businesses and communities from ransomware attacks. The U.S. Department of Justice (DOJ) and the U.S. Department of Homeland Security (DHS), together with federal partners, have launched a…