Catalin Cimpanu reports: The US government has sanctioned today four companies that develop and sell spyware and other hacking tools, the US Department of Commerce announced today. The four companies include Israel’s NSO Group and Candiru, Russian security firm Positive Technologies, and Singapore-based Computer Security Initiative Consultancy. Read more on The Record.
Category: Commentaries and Analyses
UK: Are monetary penalties really a deterrent to data protection violations if few companies actually pay up?
I received an email today that made me think. It promised not to bother me about cottage cheese (see the Footer for context), and indeed, it offered me something of substance with no money exchanging hands at all. It seems TheSMSWorks had followed up on monetary penalties levied by the U.K.’s Information Commissioner’s Office and…
Jukin Media hacked and data dumped; company claims a password reset is required due to a “security upgrade”
On Wednesday, Jukin Media posted a notice on its site requiring users to reset their passwords. They said the reset was due to a “security upgrade.” By now, whenever I see announcements about what seems to be an unplanned or unscheduled reset, I suspect a breach, so I reached out to Jukin Media’s Twitter team…
European Parliament Adopts Draft Cybersecurity Directive
Hunton Andrews Kurth blog reports: On October 28, 2021, the European Parliament’s Committee on Industry, Research and Energy adopted a draft directive on cybersecurity (“NIS2 Directive”). The NIS2 Directive will broaden the scope of the existing NIS Directive to apply to “important sectors,” such as waste management, postal services, chemicals, food, medical device manufacturers, digital providers and…
Schools across the nation are getting hit with ransomware attacks—but they won’t admit how much it’s costing them
Grace Ferguson reports: When the personal information of students and employees at Fairfax County Public Schools showed up on the dark web in October 2020, the Virginia school district had been in a standoff with hackers for nearly a month. Even with help from the FBI, Virginia State Police, and a hired cybersecurity firm, the district…
The ‘Groove’ Ransomware Gang Appears to Have Been a Hoax — But Was Any of It Real?
Brian Krebs writes: A number of publications in September warned about the emergence of “Groove,” a new ransomware group that called on competing extortion gangs to unite in attacking U.S. government interests online. It now appears that Groove was all a big hoax designed to toy with security firms and journalists. You can read more…