Craig Schneider and Joie Tyrell report: Long Island schools suffered from at least 29 incidents of ransomware, computer hacks and other cyber incidents over the past three years, ranging from attacks that crippled computer networks to worker errors that exposed Social Security numbers, addresses and other private information, according to records obtained from the state Education…
Category: Commentaries and Analyses
In Act of Hacktivism, Open Source Project Maintainer Uses Code to Wipe Russian and Belarusian Computers
Scott Ikeda reports: Many criminal hacking gangs originate from Russia and nearby points in Eastern Europe, and their ransomware and malware is sometimes found with settings that automatically disable it if regional languages are set on the target computer. An open source project maintainer essentially did the opposite in protest of the war in Ukraine,…
Okta’s response to Lapsus$’s claimed hack has people asking, “Why didn’t you tell us in January?”
Yesterday was not a great day for Okta. Their CSO, David Bradbury, issued a statement responding to Lapsus$’s claimed hack, but his statement led to a counter-response by Lapsus$ and even more critically, perhaps, people started asking why, if Okta knew about something in January, they had not disclosed it then. First, here’s Bradbury’s statement:…
Japanese medical online consultation site leaking consumer-submitted images of symptoms
After multiple unsuccessful attempts to get a popular Japanese medical online consultation site to secure a misconfigured bucket, researchers at SafetyDetectives have decided to publicly disclose the leak. Doctors Me provides customers with on-demand access to professional medical advice. People can sign up for a monthly unlimited access plan (for less than $3.00 per month)…
The Obsession with Faster Cybersecurity Incident Reporting
Tim Erlin writes: Requirements for reporting cybersecurity incidents to some regulatory or government authority are not new, but there has always been a large amount of inconsistency, globally, in exactly what the requirements are. More recently, there’s been a growing trend across government and regulatory bodies in the United States towards shorter timeframes for reporting…
Newer Conti ransomware source code leaked out of revenge
“ContiLeaks,” generally believed to be a Ukrainian security researcher (although that is not confirmed), is at it again. Lawrence Abrams reports that they have now leaked newer malware source code for Conti. Read more about it BleepingComputer.