Stavros Atlamazoglou reports: … Russian hackers went after a variety of Ukrainian targets in the private and public sectors, but one cyber weapon aimed at a specific military target spilled over and affected tens of thousands of devices outside Ukraine. A few hours before the Russian invasion began on February 24, Russian hackers launched a…
Category: Commentaries and Analyses
Political Agreement Reached on New EU Horizontal Cybersecurity Directive
Mark Young and Tomos Griffiths of Covington and Burling write: In the early hours of Friday, 13 May, the European Parliament and the Council of the EU reached provisional political agreement on a new framework EU cybersecurity law, known as “NIS2”. This new law, which will replace the existing NIS Directive (which was agreed around the same…
Exploratory study into ransomware attacks in Dutch government services and companies
Cybercrimeinfo.nl writes: Statistics Netherlands (CBS), in collaboration with the National Cyber Security Center (NCSC), has conducted an exploratory study into ransomware attacks in Dutch government services and companies. The researchers looked at, among other things, the timeline and costs of attacks with ransomware. Due to the sensitivity of the collected data, the report has not been published…
Alert (AA22-137A): Weak Security Controls and Practices Routinely Exploited for Initial Access
Alert (AA22-137A) Weak Security Controls and Practices Routinely Exploited for Initial Access CISA Alert Published May 17, 2022: Summary Cyber actors routinely exploit poor security configurations (either misconfigured or left unsecured), weak controls, and other poor cyber hygiene practices to gain initial access or as part of other tactics to compromise a victim’s system. This…
Mandiant Quietly Investigating Suspected Russian Intrusions
Katrina Manson reports: Right now, cyber investigators at Mandiant say they’re actively responding to more than a dozen live intrusions by Russian foreign intelligence services aimed at diplomats, military computers, defense contractors and other targets. […] One reason the Russian attacks aren’t making headlines is that, according to Mandiant’s findings, the actual number of them is roughly…
How criminals got away with hacking Pennsylvania unemployment accounts
Angie Moreschi reports: Paula Soffa is just one of the thousands of Pennsylvanians whose unemployment insurance account was hacked over the past year— not once, but twice. “They changed my password, they changed my username, and they changed my security questions,” Paula told 11 Investigates Angie Moreschi. “I was like what the heck! I was…