Commentaries and Analyses – Page 162

Iranian Cyber Group Emennet Pasargad Conducting Hack-and-Leak Operations Using False-Flag Personas

Posted on October 20, 2022 by Dissent

FBI Private Industry Notification 20 October 2022 PIN Number 20221020-001 Summary The FBI is providing information concerning ongoing hack-and-leak cyber operations conducted by Iranian cyber group Emennet Pasargad. According to FBI information, since at least 2020, Emennet targeted entities primarily in Israel with cyber-enabled information operations that included an initial intrusion, theft and subsequent leak…

Cybersecurity Frameworks: What K-12 Leaders Need to Know

Posted on October 20, 2022 by Dissent

The K12 Security Information eXchange (K12 SIX) is pleased to release “Cybersecurity Frameworks: What K-12 Leaders Need to Know,” a new resource for state and local education leaders encouraging the adoption of nationally recognized cybersecurity best practices. This white paper, commissioned by the State Educational Technology Directors Association (SETDA) as part of the work of…

New York Department of Financial Services settles charges against EyeMed with a $4.5 million penalty and remedial cybersecurity plan

Posted on October 19, 2022 by Dissent

In January 2022, DataBreaches reported that New York announced a $600,000 agreement with EyeMed that resolved a 2020 phishing incident that compromised the personal information of approximately 2.1 million consumers nationwide, including 98,632 in New York. But that was not the end of enforcement action and monetary penalties for EyeMed. Now the state’s Department of…

Israeli officer reveals intricate details of IDF’s first ever cyberattack

Posted on October 17, 2022 by Dissent

Yoav Zitun reports: Second Lieutenant B. was a young officer in the IDF’s Military Intelligence Directorate during the 1990s, and was the person who planned and executed the army first ever cyberattack. […] Instead of waiting for a bug in the enemy’s cyber system and “breaking in” during the short time window, the tactic the…

A Data Breach Is Bad, But Disclosing Too Much Could be Worse

Posted on October 16, 2022 by Dissent

Adam Stone reports: When state and local IT systems get breached, there’s a balancing act to be struck. How much can and should the public be told? Some advocates of transparency and accountability say anything that happens in the public realm ought to be public knowledge. On the opposite extreme, some IT leaders worry that…

Magniber Ransomware Adopts JavaScript to Attack Individual Users

Posted on October 14, 2022 by Dissent

Beth Maundrill reports: Recent analysis shows that Magniber ransomware has been targeting home users by masquerading as software updates. A ransomware campaign isolated by HP Wolf Security in September 2022 saw Magniber ransomware spread. The malware is known as a single-client ransomware family that demands $2,500 from victims. Previously Magniber was primarily spread through MSI and EXE files, but…