Robert Lemos reports: Companies in every industry continue to leave backup and storage platforms unsecured, with more than a dozen issues, including insecure network settings and unaddressed CVEs, affecting the average device. That leaves these repositories — often the first line of protection in the event of a ransomware attack — as sitting ducks for cybercriminals….
Category: Commentaries and Analyses
Stung by Free Decryptor, Ransomware Group Embraces Extortion
Mathew J. Schwartz reports: Not all ransomware groups wield crypto-locking malware. In their continuing quest for extortionate profits, some have moved away from encryption and pressure victims purely by threatening to leak stolen data unless they receive a ransom payment. This seems to have been the case for BianLian, a prolific ransomware group that emerged…
Director Easterly Announces New Members to Join CISA’s Cybersecurity Advisory Committee
As I posted earlier on infosec.exchange: Brilliant choice by #CISA to add @douglevin to their #cybersecurity advisory board. Doug is one of the most knowledgeable and thoughtful people I know when it comes to K-12 security and #EdTech. Read CISA’s press release of Monday to find out who else has been added.
NYC Special Needs Students’ Records Found Exposed on Web
Marianne Kolbasuk McGee reports: Tens of thousands of documents containing personal information of special education students within New York City’s public school system were held in an unsecured database exposed to the internet. Researcher Jeremiah Fowler of security services firm Security Discovery told Information Security Media Group he found the unsecured database in mid-February and…
McDonald’s Korea fined $532k for breach of customers’ personal data
Yonhap News reports: McDonald’s Korea was given a fine of 696 million won (US$532,110) on Wednesday after the personal data of 4.87 million customers was leaked to hackers due to the firm’s lax data management. The Personal Information Protection Commission handed out the fine to the Korean branch of the American fast food chain, along…
Privacy Commissioner Steps Away From Cyber Attack Investigation
VOCM reports: Privacy Commissioner Michael Harvey has stepped away from further involvement in his office’s investigation into the 2021 cyber attack on the health care system. Revelations about government seeking a court ruling on a potential conflict of interest with Harvey was a topic during question period in the House of Assembly yesterday. Read more…