William Turton and Kartikay Mehrotra report: The hack that took down the largest fuel pipeline in the U.S. and led to shortages across the East Coast was the result of a single compromised password, according to a cybersecurity consultant who responded to the attack. Hackers gained entry into the networks of Colonial Pipeline Co. on…
Category: Commentaries and Analyses
Imperva: 75.9% of stolen data in breaches involve personal information
VB reports: In an analysis of more than 100 of the biggest and most well-known data breaches of the last decade, Imperva Research Labs found that 75.9% of data stolen in these breaches was personally identifiable information (PII). An in-depth analysis of more than 100 of the largest data breaches in the past decade by Imperva Research Labs reveals a bleak…
DOJ Announces New Guidance Tackling Ransomware Attacks
Kaila Philo reports that in the wake of some big ransomware attacks, DOJ has issued new guidance. Deputy Attorney General Lisa Monaco released an internal memo late Thursday detailing new guidance on how to tackle cyber-attacks as a result. These recent ransomware attacks “underscore the growing threat that ransomware and digital extortion pose to the Nation, and…
Diverse six-justice majority rejects broad reading of computer-fraud law
Ronald Mann writes: The Supreme Court’s decision on Thursday in Van Buren v. United States provides the court’s first serious look at one of the most important criminal statutes involving computer-related crime, the federal Computer Fraud and Abuse Act. Justice Amy Coney Barrett’s opinion for a majority 0f six firmly rejected the broad reading of that statute that the…
IBM gives grants to some k-12 districts to harden security against ransomware attacks
Charlie Osborne reports: All United States public K-12 school districts were eligible to apply for the grants, designed to help school officials “proactively prepare for and respond to cyberattacks.” The grants, worth $500,000 each, have been awarded to school districts in Florida (Brevard Public Schools), New York (Poughkeepsie City School District), Georgia (KIPP Metro Atlanta Schools),…
Claiming to be the “new generation,” threat actors declare, “No more discounts or long negotiations”
This week saw the emergence of a new group calling themself “Pay or Grief.” Or maybe they call themselves “Grief” or “Grief_List.” I really am not sure because they haven’t responded to simple questions like “What do we call you?” In any event, DataBreaches.net noted two of their attacks and now SuspectFile was able to…