The Office of Inadequate Security
Asmahan Qarjouli reports: The Qatar Financial Centre’s (QFC) Data Protection Office (DPO) has issued a $150,000 fine on a company under its license following a data breach that enabled access to personal data. The measures, the first of their kind in Doha, were taken by DPO on Tuesday following an investigation that detected breaches of…
Kristina Beek reports: Former Uber CISO Joseph Sullivan, convicted in 2023 of trying to cover up a data breach, is seeking a new trial, citing procedures omissions from his original trial that his lawyers said tainted the verdict. Sullivan was initially convicted on charges related to Uber’s 2016 data breach and was sentenced to three years of…
It reportedly was not a ransomware attack, but MoneyGram has now confirmed it did lose sensitive customer data in the recent cyberattack against its business. Sead Fadilpašić reports: In a data breach notification letter sent to affected customers and published on the company’s website, hackers were able to access MoneyGram’s networks for two days, between…
Executive Summary Trinity ransomware is a relatively new threat actor, known for employing a double extortion strategy. This method involves exfiltrating sensitive data before encrypting files, thereby increasing pressure on victims to pay the ransom. This ransomware uses the ChaCha20 encryption algorithm, and encrypted files are tagged with the “.trinitylock” file extension. Trinity operates a…
James Coker reports: The Australian government has introduced the country’s first standalone cybersecurity law to Parliament. The new legislation aims to better protect citizens and organizations against a heightened geopolitical and cyber threat environment. The Cyber Security Bill 2024 covers a range of areas, including mandating minimum cybersecurity standards for IoT devices and mandatory ransomware reporting for critical infrastructure…
Dmytro Basmat reports: Ukrainian court has sentenced in absentia two members of the Russian security service-backed (FSB) hacker group “Armageddon” for having carried out more than 5,000 cyberattacks against Ukrainian institutions and critical infrastructure, Ukraine’s State Security Service (SBU) said on Oct. 8. Russian hackers have regularly targeted various Ukrainian government institutions as well as businesses with…