Ryan Gallagher reports: Opponents of the Belarus government said they have pulled off an audacious hack that has compromised dozens of police and interior ministry databases as part of a broad effort to overthrow President Alexander Lukashenko’s regime. The Belarusian Cyber Partisans, as the hackers call themselves, have in recent weeks released portions of a huge data trove…
Category: Commentaries and Analyses
Au: Latest OAIC data breach report: a reduction in notifications but persistent concerns about cyber security incidents
Kate Marshall, Veronica Scott, and Jason Kaye of KPMG Law write: The Office of the Australian Information Commissioner (OAIC) now releases bi-annual reports on data breaches that are reported under the Notifiable Data Breaches (NDB) scheme in the Privacy Act 1988 (Cth) (Privacy Act). Its latest report for the period of January 2021 to June 2021 show…
Internal emails raise questions about government’s investigation into Walgreens privacy breach
I am so glad to see a follow-up on this case because I had the same questions about how and why Walgreens did not suffer the same federal penalties as CVS and Rite Aid for the same infringement of HIPAA. My original coverage of this breach is no longer online as the former version of…
A new NSO zero-click attack evades Apple’s iPhone security protections, says Citizen Lab
Zack Whittaker reports: A Bahraini human rights activist’s iPhone was silently hacked earlier this year by a powerful spyware sold to nation-states, defeating new security protections that Apple designed to withstand covert compromises, say researchers at Citizen Lab. The activist, who remains in Bahrain and asked not to be named, is a member of the Bahrain Center for…
Pysa threat actors’ script shows exactly the files they’re after
Lawrence Abrams reports: A PowerShell script used by the Pysa ransomware operation gives us a sneak peek at the types of data they attempt to steal during a cyberattack. […] Yesterday, MalwareHunterTeam shared a PowerShell script with BleepingComputer used by the Pysa ransomware operation to search for and exfiltrate data from a server. This script is designed…
Federal Court Finds Article III Standing In Data Event Litigation But Dismisses Majority of Plaintiff’s Claims Under Rule 12(b)(6)
Katie Sharpless of Squire Patton Boggs writes: CPW previously has covered multiple decisions that address Article III standing requirements for pleading a claim in federal court. A recent decision out of a federal court in Missouri is an example of a Court finding that Plaintiff properly alleged facts to constitute standing in a data event…