From Microsoft’s Blog: The Microsoft Threat Intelligence Center (MSTIC) has observed and taken actions to disrupt campaigns launched by SEABORGIUM, an actor Microsoft has tracked since 2017. SEABORGIUM is a threat actor that originates from Russia, with objectives and victimology that align closely with Russian state interests. Its campaigns involve persistent phishing and credential theft…
Category: Commentaries and Analyses
Alberta OIPC’s 2022 PIPA Breach Report – Trends and Key Takeaways
John Cassell, Imran Ahmad,and Miranda Sharpe of Norton Rose Fulbright write: On July 27, 2022, the Office of the Information and Privacy Commissioner of Alberta (OIPC) released its 2022 PIPA Breach Report.[1] The report analyzes the nearly 2,000 breach reports[2] received by the OIPC during the ten year period since reporting was mandated in Alberta under…
US regulator urges MFA and puts banks on notice – not reasonably protecting data is illegal
Jim Nash reports: A U.S. consumer finance regulator has published a circular warning that insufficient security for consumer biometric and other personal data is illegal under federal law. Multi-factor authentication is singled out as a method of making data security sufficient. Anyone reading that who still thinks it will never happen to them is invited…
AT&T denies connection to database of 23 million SSNs, says it may be tied to credit agency breach
Jonathan Greig reported: Telecommunications giant AT&T denied any connection to a database of stolen information that included the Social Security numbers of 23 million Americans. First reported by Brian Krebs, Milwaukee cybersecurity company Hold Security said it found a 3.6 GB file on a dark web platform that contained Social Security numbers and information belonging to…
Judge Investigates Alex Jones’ Legal Team After Sandy Hook Medical Records Are Leaked
Mary Papenfuss reports: The judge in a Sandy Hook defamation lawsuit against far-right conspiracy podcaster Alex Jones has launched an investigation of his legal team after the medical records of school parents were leaked. Medical and psychiatric records of some parents and relatives of the children killed in the 2012 mass shooting at Sandy Hook Elementary in…
CISA Alert (AA22-223A) #StopRansomware: Zeppelin Ransomware
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint CSA to disseminate known Zeppelin ransomware IOCs and TTPs associated with ransomware variants identified through FBI investigations as recently as 21 June 2022. The FBI and CISA encourage organizations to implement the recommendations in the Mitigations section…