Lawrence Abrams reports: The REvil ransomware operation has added a new ability to encrypt files in Windows Safe Mode, likely to evade detection by security software and for greater success when encrypting files. Windows Safe Mode is a special startup mode that allows users to run administrative and diagnostic tasks on the operating system. This…
Category: Commentaries and Analyses
SG: Revised Guides on Managing Data Breach and Active Enforcement Now Available
An announcement from the Personal Data Protection Commission of Singapore: The PDPC has updated Guide to Managing Data Breaches 2.0 (now known as the Guide on Managing and Notifying Data Breaches under the PDPA) with details of the mandatory data breach notification requirement under the PDPA. Access the Guide here. The Guide on Active Enforcement has…
At-a-glance: the new UK Cyber Security Council
GRC World Forums writes: What is the new UK Cyber Security Council and what will it do? The council is a new independent body which the UK government says will “boost career opportunities and professional standards” in the cyber security sector. It is intended to be a single voice for the industry in the UK…
FBI releases annual IC3 crime report
The FBI Internet Crime Complaint Center (IC3) released their annual report. Overall, the statistics and trends are pretty much what we would have expected to see from reading the news every day. Complaints about crime increased year over year for the past 5 years, with the most significant increase in number of reports occurring in…
Arizona Complete Health notifies plan members of Accellion breach
On February 26, Arizona Complete Health notified plan members of the Accellion breach. According to the notification (see below), the threat actors (who have since self-identified as CLOP) were able to “view or save” member information between January 7 and January 25, 2021. The types of ePHI involved included insured members’ name and one or…
Line app allowed Chinese firm to access personal user data
Catalin Cimpanu reports: In a press conference today, the Japanese government announced it was investigating the parent company behind the Line instant messaging app after a local newspaper reported that engineers at one of the app’s Chinese contractors accessed the messages and personal details of Line users. Read more on The Record.