Lindsey O’Donnell-Welch reports: New cybersecurity requirements from the Transportation Security Administration (TSA) give freight railroads, passenger rail and rail transit operators a 24-hour deadline for reporting security incidents. Starting on Dec. 31, “high-risk” operators and owners across the rail sector must take a number of steps to bolster the cybersecurity of their systems. They must…
Author: Dissent
Bitmart hacked; Estimated loss of $200M
Lipka Deka reports: Crypto exchange firm Bitmart suffered a large-scale hack incurring a total loss of approximately $200 million. The news was first brought to the attention by security analytics entity Pecksheild Inc who raised an alarm of the reported breach on Saturday night. Pechsheild sent out the tweet detailing the suspicious amount of outflows of a…
Who Is the Network Access Broker ‘Babam’?
Brian Krebs reports: Rarely do cybercriminal gangs that deploy ransomware gain the initial access to the target themselves. More commonly, that access is purchased from a cybercriminal broker who specializes in acquiring remote access credentials — such as usernames and passwords needed to remotely connect to the target’s network. In this post we’ll look at…
Ransomware attack hits French-Public School Board, employee and student data stolen
Phillip Blancher reports from Ottawa: An October 18 ransomware attack has left personal data exposed by the local French-Public school board. The Conseil des écoles publiques de l’Est de l’Ontario issued a press release November 30 announcing it had been attacked, and that after resecuring the network it was discovered that some files stored at…
Tulane University crime data breach exposes health records, sexual assault victims’ names
Missy Wilkinson Reports: Health records and names of people who visited Tulane University Medical Center’s emergency department, including for attempted suicide. Graphic information about sexual assaults and the identities of the victims, witnesses and suspects. All this and other sensitive information protected under federal privacy laws was visible to anyone with a Tulane email address…
Sensitive information of 30k Florida healthcare workers exposed in unprotected database
Jonathan Greig reports: More than 30,000 US healthcare workers’ personal information was recently exposed due to a non-password protected database, according to security researcher Jeremiah Fowler and a team of ethical hackers with Website Planet. Fowler discovered a database run by Gale Healthcare Solutions with 170,239 exposed records that included names, emails, home addresses, photos and in some…