Jeongmin Kim and Nils Weisensee report: In a multilingual social engineering attack, North Korean hackers broke into several accounts of a prominent defector and used their access to send a malicious document to a contact working on DPRK issues, an NK News investigation found. The attackers also used one of the accounts to message journalists at NK News in…
Category: Commentaries and Analyses
Chinese hackers behind July 2021 SolarWinds zero-day attacks
Catalin Cimpanu reports: In mid-July this year, Texas-based software provider SolarWinds released an emergency security update to patch a zero-day in its Serv-U file transferring technology that was being exploited in the wild. At the time, SolarWinds did not share any details about the attacks and only said that it learned of the bug from…
NC: Sandhills Center Provides Notice of Potential Data Theft
On July 30, 2021, DataBreaches.net reported on a claimed cyberattack against Sandhills Center in North Carolina. Data for sale had shown up on the “Marketo” site, and when DataBreaches.net looked at the “proof packs,” of data, they included psychological evaluations and other documents with personal and sensitive information. Much of the data was old, and…
Private information of 2,841 students accidentally released; School division did not make proper notice — regulator
CBC reports: A recent report by the Saskatchewan information and privacy commissioner’s office revealed that private information of 2,841 students was accidentally made public last year. The records in question included students’ names, identification numbers, phone numbers, grades and parent email addresses. The school division, which is in southwest Saskatchewan and has more than 6,000…
Car Hacking Danger Is Likely Closer Than You Think
Sebastian Blanco reports: It is impossible to remotely hack into an unconnected car. But if you’re not driving the latest vehicle from Tautology Motors, your vehicle is likely at risk from some sort of digital intrusion. In fact, almost every car on the road today, if it can connect, can be hacked to some degree….
Before you leave for the holiday weekend, if you haven’t left already…
The government issued a warning this week reminding people that threat actors are likely to attack when entities are short-staffed due to weekends or holidays. Brett Callow posted an interesting graphic on Twitter that may help drive that point home: “What did you do last weekend, Mrs Ransomware Criminal?” “Oh, not much. I was busy…