Gareth Corfield has a commentary on a recent case where a researcher found himself threatened legally. It begins: IT pro Rob Dyke says an NHS-backed company not only threatened him with legal action after he flagged up an exposed GitHub repository containing credentials and insecure code, it even called the police on him. Dyke, who…
Category: Commentaries and Analyses
Meet Lorenz — A new ransomware gang targeting the enterprise
Lawrence Abrams reports: A new ransomware operation known as Lorenz targets organizations worldwide with customized attacks demanding hundreds of thousands of dollars in ransoms. The Lorenz ransomware gang began operating last month and has since amassed a growing list of victims whose stolen data has been published on a ransomware data leak site. Michael Gillespie…
Georgia’s HB 156, requiring state notice for utility cybersecurity incidents, is now in effect
Lael Bellamy and Emily Maus of DLA Piper write: Georgia’s governor has signed into law House Bill 156, creating specific notice requirements for state agencies and utilities that experience cybersecurity attacks, data breaches or malware and requiring notice to the state director of emergency management in Georgia within two hours of notifying the federal emergency…
Operator of WeLeakInfo database marketplace sentenced to two years in prison
Catalin Cimpanu reports: One of the three operators of WeLeakInfo, a website that sold access to hacked databases, was sentenced today in the Netherlands to two years in prison, with one year suspended. In court proceedings that took place earlier this year, the suspect, a 23-year-old whose name was not released, admitted to managing the…
PA: Acting Secretary Of Health And Deputy Don’t Testify At Contact Tracing Data Breach Hearing
Meghan Schiller reports: t’s a battle between transparency and legal quagmire: who should answer questions about the data breach of private health information for some 70,000 Pennsylvanians? KDKA’s Meghan Schiller talked to one local state senator who tried to get the conversation started but said it ended in silence. “It’s great to ask questions that…
Now ransomware is inundating public school systems
Robert R. Ackerman Jr. reports: Almost every American adult knows that cyberattacks and breaches are ubiquitous and have primarily targeted companies and government entities. They might even know that the single most common breach these days is ransomware, a malicious process by which hackers dismantle computer systems and don’t fix them until a ransom is…