Ayushman Kuman reports: A day after a Telegram bot provided access to the personal information of individuals who had reportedly registered for vaccination through the government’s CoWIN portal, an independent analysis by CloudSEK has shown that the threat actors do not have access to the entire portal or the backend database. CloudSEK is a Singapore-based…
Category: Commentaries and Analyses
Singapore regulator decision reminds entities of duty to monitor vendors
Even though RAIDForums was seized in early 2022, data leaks and breaches on the site are still having repercussions for entities. On May 11, the Singapore Personal Data Protection Commission (PDPC) issued a decision involving Kingsforce Management Services Pte Ltd. On January 31, 2022, the firm had notified the PDPC that on or about December…
Asylum Ambuscade hackers mix cybercrime with espionage
Bill Toulas reports: A hacking group tracked as ‘Asylum Ambuscade’ was observed in recent attacks targeting small to medium-sized companies worldwide, combining cyber espionage with cybercrime. The particular threat group, believed to have been operational since at least 2020, was first identified by Proofpoint in a March 2022 report that focused on a phishing campaign against entities…
High court sides with Medicaid fraudster in identity theft case
Alexandra Jones reports: The Supreme Court unanimously shot down the government’s broad reading of identity theft law Thursday in a decision that will shorten the prison sentence of an Austin psychologist who defrauded Medicaid. “While the Government represents that prosecutors will act responsibly in charging defendants under its sweeping reading, this Court ‘cannot construe a…
The 2023 Verizon DBIR is out — get your copy now
Verizon’s top-notch annual Data Breach Investigations Report (DBIR) is out. You can jump to the Executive Summary of the report, download the entire report, or view it online. Here is its seven key insights infographic, below. Of the seven key insights, the figure that stands out the most to me is 74%: 74% of all…
Pacific Union College was attacked on March 27. When will they publicly admit personal info was compromised?
That Pacific Union College (PUC) experienced a cyberattack is not a secret. The college even posted a notice on their website on April 7 stating that they were experiencing “Additional complications relating to the ongoing cybersecurity issue, which has recently affected some of our internal networks, phone systems, and web services. The remainder of the…