Meghan Friedmann reports: A May 26 cybersecurity event that compromised the town’s information technology system and affected government email for weeks is expected to cost the town roughly $500,000. The funds cover legal expenses, a forensics investigation, consultation services, a multi-factor authentication upgrade, security awareness training and increased storage space, according to a memorandum Mayor Lauren Garrett sent…
Category: Commentaries and Analyses
Data Breach at Canadian Border Agency Contractor Involved up to 1.38 Million Licence Plates
The Canadian Press reports: The federal privacy watchdog says a data breach at a contractor for Canada’s border agency involved as many as 1.38 million licence plate images and associated information. In a report detailing its investigation, the privacy commissioner’s office cites inconsistencies in the way the Canada Border Services Agency managed licence plate information…
Microsoft confirms new Exchange zero-days are used in attacks
Sergiu Gatlan reports: Microsoft has confirmed that two recently reported zero-day vulnerabilities in Microsoft Exchange Server 2013, 2016, and 2019 are being exploited in the wild. “The first vulnerability, identified as CVE-2022-41040, is a Server-Side Request Forgery (SSRF) vulnerability, while the second, identified as CVE-2022-41082, allows remote code execution (RCE) when PowerShell is accessible to…
Dismantling a Prolific Cybercriminal Empire: REvil Arrests and Reemergence
John Fokker writes: We’ve recently seen reports that the REvil ransomware gang is back online after the January 2022 arrests of several its members by Russian authorities claiming to dismantle the group and the November 2021 arrests of two members by U.S. authorities. While it remains to be seen if this re-emergence of REvil includes…
Leaked LockBit 3.0 builder used by ‘Bl00dy’ ransomware gang in attacks
Lawrence Abrams reports: The relatively new Bl00Dy Ransomware Gang has started to use a recently leaked LockBit ransomware builder in attacks against companies. Last week, the LockBit 3.0 ransomware builder was leaked on Twitter after the LockBit operator had a falling out with his developer. This builder allows anyone to build a fully functional encryptor and decryptor…
Inside a cyberattack method that targets your cellphone
Tim Starks reports: A recent spree of “smishing” attacks points to what some experts anticipate will be a wider threat in the future. The technique, which claims victims at Twilio and targeted others at Cloudflare, combines text messages intent on luring victims into clicking on a link, leans on the ubiquity of smartphones, seeks to…