A DataBreaches.net exclusive: It is not uncommon for a firm to deny allegations that they have been breached. It is not uncommon for a firm to acknowledge that there has been a breach but claim that it is not as dramatic as a researcher might claim. And it is not uncommon for researchers to receive…
Category: Commentaries and Analyses
Worldwide phishing attacks deliver three new malware strains
Sergiu Gatlan reports: A global-scale phishing campaign targeted worldwide organizations across an extensive array of industries with never-before-seen malware strains delivered via specially-tailored lures. The attacks hit at least 50 orgs from a wide variety of industries in two waves, on December 2nd and between December 11th and 18th, according to a Mandiant report published today. UNC2529,…
Circuit Split No More: 2nd Circuit Clarifies Article III Standing in Data Breach Cases
Lissette C. Payne of Bradley writes: While more states push forward on new privacy legislation statutorily granting consumers the right to litigate control of their personal information, federal courts continue to ponder how data breach injury fits traditional standing requirements. Previous to McMorris v. Carlos Lopez, McMorris v. Carlos Lopez & Assocs., LLC, many have argued there was a circuit split…
Australia proposes teaching cyber-security to five-year-old kids
Simon Sharwood reports: Australia has decided that six-year-old children need education on cyber-security, even as it removes other material from the national curriculum. A newly revised draft of the national curriculum for children aged five to sixteen, launched yesterday, added a new strand titled “Considering privacy and security” that “involves students developing appropriate techniques for…
Sg: Data breach alerts in Singapore up on new reporting rules, more cyber threats: Experts
Kenny Chee reports: The number of data breach alerts Singapore’s data protection watchdog received tripled in the February-March period compared with the previous two months. This comes amid a string of potential personal data leaks reported in recent months. Legal and information technology security experts said the increase could have been due to a new data breach…
How Cybercriminals Abuse OpenBullet for Credential Stuffing
Cedric Pernet, Fyodor Yarochkin, and Vladimir Kropotov write: … The trend for access-related cybercrime, such as credential stuffing, is steadily rising with no sign of slowing down. According to an Akamai report, there has been a total of 88 billion credential stuffing attacks from January 2018 to December 2019. Credential stuffing, a type of a…