Maggie Miller reports: Albania was hit by cyberattacks earlier this year so debilitating that the government considered invoking a NATO declaration that could have pulled all member states into confrontation with Iran, Prime Minister Edi Rama said. It would have been the first time a NATO member state used a cyberattack to invoke Article Five…
Category: Commentaries and Analyses
Third servicer entangled in massive data breach litigation
Andrew Martinez reports: The legal fallout from a massive data breach impacting over 4 million borrowers’ personally identifiable information just got bigger. A federal judge Monday ordered a class action lawsuit against Community Loan Servicing be folded into a larger, similar suit against two of its sister companies, according to court records. The consolidated complaints from…
CT: Hamden mayor estimates $500,000 cost to address spring cyberattack
Meghan Friedmann reports: A May 26 cybersecurity event that compromised the town’s information technology system and affected government email for weeks is expected to cost the town roughly $500,000. The funds cover legal expenses, a forensics investigation, consultation services, a multi-factor authentication upgrade, security awareness training and increased storage space, according to a memorandum Mayor Lauren Garrett sent…
Data Breach at Canadian Border Agency Contractor Involved up to 1.38 Million Licence Plates
The Canadian Press reports: The federal privacy watchdog says a data breach at a contractor for Canada’s border agency involved as many as 1.38 million licence plate images and associated information. In a report detailing its investigation, the privacy commissioner’s office cites inconsistencies in the way the Canada Border Services Agency managed licence plate information…
Microsoft confirms new Exchange zero-days are used in attacks
Sergiu Gatlan reports: Microsoft has confirmed that two recently reported zero-day vulnerabilities in Microsoft Exchange Server 2013, 2016, and 2019 are being exploited in the wild. “The first vulnerability, identified as CVE-2022-41040, is a Server-Side Request Forgery (SSRF) vulnerability, while the second, identified as CVE-2022-41082, allows remote code execution (RCE) when PowerShell is accessible to…
Dismantling a Prolific Cybercriminal Empire: REvil Arrests and Reemergence
John Fokker writes: We’ve recently seen reports that the REvil ransomware gang is back online after the January 2022 arrests of several its members by Russian authorities claiming to dismantle the group and the November 2021 arrests of two members by U.S. authorities. While it remains to be seen if this re-emergence of REvil includes…