Well, this is not exactly what I suggested yesterday on Twitter as a strategy (I suggested that every ransomware group that hits the medical sector should be declared a terrorist organization and put on the Treasury’s sanctioned list), but it could help. Ian Talley and Dustin Volz report: The Biden administration is preparing an array…
Category: Commentaries and Analyses
Illinois Man Convicted of Federal Criminal Charges for Operating Subscription-Based Computer Attack Platforms
LOS ANGELES – An Illinois man was found guilty today by a federal jury for running websites that allowed paying users to launch powerful distributed denial of service, or DDoS, attacks that flood targeted computers with information and prevent them from being able to access the internet. Matthew Gatrel, 32, of St. Charles, Illinois, was found…
Credential leak fears raised following security breach at Travis CI
John Leyden reports: Concern is growing within the infosec community that a breach at DevOps platform vendor Travis CI might run deeper than the firm has so far been prepared to admit. Travis CI, a continuous integration and continuous delivery (CI/CD) service for cloud platform projects, admitted to an issue in a post on its community forums while also…
Office of the Privacy Commissioner for Bermuda Issues Data Breach Guide
Odia Kagan of Fox Rothschild writes: The Office of the Privacy Commissioner for Bermuda has issued a helpful guide on the various types of harm that could be caused by a data breach. The office also referred to the Future of Privacy Forum research on potential harms. Read more here, In their guidance, the Bermuda privacy…
Exposed Payment Integration API Keys Imperil Millions of Users’ Transaction Details and PII
Arshit Jain and Sai Ahladini Tripathy report some findings concerning the risk of unauthorized access to API keys enabling acquisition of sensitive or critical data. A recent investigation by CloudSEK found that a range of companies have mobile apps with API keys that are hardcoded in the app packages. “These keys could be easily discovered…
Are “corrupt my file” sites safe? Here’s why to avoid corrupt-a-file services
Am I the last one to know about “corrupt my file” sites? Joshua Long reports that apart from file corruption that occurs accidentally in our lives or in some cases intentionally by malware, there are sites that will intentionally corrupt a file for you. While that may seem entirely counterproductive, corrupt-a-file sites make claims such…