Zack Whittaker and Carly Page report: Software maker Fortra told its corporate customers that their data was safe — even when it wasn’t — following a ransomware attack on its systems, TechCrunch has learned. … TechCrunch has heard from two victim organizations that only learned that data had been exfiltrated from their GoAnywhere systems after…
Category: Commentaries and Analyses
Medical technology regulations and the NHS
From Parliament: A debate has been scheduled for 4.30pm on Tuesday 28 March on medical technology regulations and the NHS. The debate will be opened by Dame Caroline Dinenage MP. The Library will produce briefing ahead of this debate, and this page will be updated when it is published.
Epidemic of Insecure Storage, Backup Devices Is a Windfall for Cybercriminals
Robert Lemos reports: Companies in every industry continue to leave backup and storage platforms unsecured, with more than a dozen issues, including insecure network settings and unaddressed CVEs, affecting the average device. That leaves these repositories — often the first line of protection in the event of a ransomware attack — as sitting ducks for cybercriminals….
Stung by Free Decryptor, Ransomware Group Embraces Extortion
Mathew J. Schwartz reports: Not all ransomware groups wield crypto-locking malware. In their continuing quest for extortionate profits, some have moved away from encryption and pressure victims purely by threatening to leak stolen data unless they receive a ransom payment. This seems to have been the case for BianLian, a prolific ransomware group that emerged…
Director Easterly Announces New Members to Join CISA’s Cybersecurity Advisory Committee
As I posted earlier on infosec.exchange: Brilliant choice by #CISA to add @douglevin to their #cybersecurity advisory board. Doug is one of the most knowledgeable and thoughtful people I know when it comes to K-12 security and #EdTech. Read CISA’s press release of Monday to find out who else has been added.
NYC Special Needs Students’ Records Found Exposed on Web
Marianne Kolbasuk McGee reports: Tens of thousands of documents containing personal information of special education students within New York City’s public school system were held in an unsecured database exposed to the internet. Researcher Jeremiah Fowler of security services firm Security Discovery told Information Security Media Group he found the unsecured database in mid-February and…