John Bailey and John Druckenmiller reported this on June 8: The Floyd County school system confirmed on Wednesday reports of a cyberattack, discovered Monday, that resulted in $194,672.76 being stolen from the school system. “Floyd County Schools has been made aware of a spear phishing incident, which is a targeted email attack pretending to be…
Author: Dissent
Kennesaw State researchers highlight gaps in data security considerations for brainwave tech
Thomas Hartwell writes: Kennesaw State University researchers are urging a greater focus on cybersecurity in emerging brainwave technologies, which they say are vulnerable to hacking and breaches of personal data. Brainwave technologies can be used with a wired cap that feeds and decodes information straight into a computer, or wirelessly by wearing sensors on the…
More details emerge on Palermo ransomware attack — threat actors claim 350 GB stolen and 70% of files encrypted
Last week, the municipality of Palermo, Italy issued a statement that it had shut down systems in response to a cyberattack and that all services had been impacted. The Vice Society ransomware group subsequently claimed responsibility for the attack by adding Palermo to their list of “partners” on their dark web leak site. As DataBreaches.net…
Confluence servers hacked to deploy AvosLocker, Cerber2021 ransomware
Sergiu Gatlan reports: Ransomware gangs are now targeting a recently patched and actively exploited remote code execution (RCE) vulnerability affecting Atlassian Confluence Server and Data Center instances for initial access to corporate networks. If successfully exploited, this OGNL injection vulnerability (CVE-2022-26134) enables unauthenticated attackers to take over unpatched servers remotely by creating new admin accounts…
OCR Presents: Recognized Security Practices Video Presentation
The HHS Office for Civil Rights (OCR) is producing a pre-recorded video presentation for HIPAA covered entities and business associates (regulated entities) on “recognized security practices,” as set forth in Public Law 116-321 (Section 13412 of the Health Information Technology for Economic and Clinical Health Act (HITECH). The statute requires OCR to take into consideration…
Choice Health Insurance notifying people after vendor error resulted in a data breach
On June 8, Choice Health Insurance began notifying people of a data breach caused by human error. According to their notification to the California Attorney General’s Office, they learned on May 14 that an unauthorized person was “offering to make available data allegedly taken from Choice Health.” In actuality, on May 9, the data had…