Three advisories have been released this week about threat actor groups. One involves ALTDOS, one involves HIVE, and one involves the “OnePercent Group,” whose name may not sound familiar to many. ALTDOS (Joint Advisory) It appears that ALTDOS is getting some serious attention from Singapore’s CSA and other agencies in Singapore. These threat actors who…
Category: Commentaries and Analyses
Alibaba Cloud data leak ‘violated Cybersecurity Law’ in 2019 and must rectify, local Chinese telecoms regulator says
Coco Feng reports: The telecoms authority of China’s eastern Zhejiang province has told the cloud computing unit of Alibaba Group Holding that it violated the country’s Cybersecurity Law and should make rectifications following a complaint about a 2019 information leak. In a letter dated July 5, the Zhejiang Communications Administration (ZCA) said it found Alibaba Cloud “disclosed…
Hackers Release Data Trove From Belarus in Bid to Overthrow Lukashenko Regime
Ryan Gallagher reports: Opponents of the Belarus government said they have pulled off an audacious hack that has compromised dozens of police and interior ministry databases as part of a broad effort to overthrow President Alexander Lukashenko’s regime. The Belarusian Cyber Partisans, as the hackers call themselves, have in recent weeks released portions of a huge data trove…
Au: Latest OAIC data breach report: a reduction in notifications but persistent concerns about cyber security incidents
Kate Marshall, Veronica Scott, and Jason Kaye of KPMG Law write: The Office of the Australian Information Commissioner (OAIC) now releases bi-annual reports on data breaches that are reported under the Notifiable Data Breaches (NDB) scheme in the Privacy Act 1988 (Cth) (Privacy Act). Its latest report for the period of January 2021 to June 2021 show…
Internal emails raise questions about government’s investigation into Walgreens privacy breach
I am so glad to see a follow-up on this case because I had the same questions about how and why Walgreens did not suffer the same federal penalties as CVS and Rite Aid for the same infringement of HIPAA. My original coverage of this breach is no longer online as the former version of…
A new NSO zero-click attack evades Apple’s iPhone security protections, says Citizen Lab
Zack Whittaker reports: A Bahraini human rights activist’s iPhone was silently hacked earlier this year by a powerful spyware sold to nation-states, defeating new security protections that Apple designed to withstand covert compromises, say researchers at Citizen Lab. The activist, who remains in Bahrain and asked not to be named, is a member of the Bahrain Center for…