Vyacheslav Kopeytsev and Seongsu Park write: We named Lazarus the most active group of 2020. We’ve observed numerous activities by this notorious APT group targeting various industries. The group has changed target depending on the primary objective. Google TAG has recently published a post about a campaign by Lazarus targeting security researchers. After taking a closer look,…
Category: Commentaries and Analyses
Privacy Policy Ponderings
Matt Fisher writes: … Could a Privacy Policy be viewed as a contract of adhesion? First, that raises the question of what exactly is a contract of adhesion. It can be a standard form contract that is drafted by one party, often with more leverage, and presented to another party for acceptance without the opportunity…
Insider Cloud Data Theft Plagues Healthcare Sector
Phil Muncaster reports: Over a third (35%) of global healthcare organizations suffered cloud data theft by malicious insiders last year, according to data from Netwrix. The findings come from the security vendor’s 2021 Netwrix Cloud Data Security Report, based on interviews with 937 IT professionals around the world. It claimed that while insider theft was less…
India second only to Japan in Asia Pacic in cyberattacks faced in 2020
Economic Times reports: India was second only to Japan in Asia Pacic in number of cyberattacks faced in 2020, accounting for 7% of all attacks in the region, according to an IBM report released on Wednesday. Finance and insurance emerged as the most vulnerable sectors, followed by manufacturing and professional services, according to the 2021…
Jamaica’s Amber Group fixes second JamCOVID security lapse
Zack Whittaker reports: Amber Group has fixed a second security lapse that exposed private keys and passwords for the government’s JamCOVID app and website. A security researcher told TechCrunch on Sunday that the Amber Group left a file on the JamCOVID website by mistake, which contained passwords that would have granted access to the backend…
Ukraine says Russian hackers attacked state document system
Reuters reports: Ukraine accused an unnamed group of Russian hackers on Wednesday (Feb 24) of trying to disseminate malicious documents through a web-based system on which government documents are circulated, but did not say whether any damage was caused. Kyiv has previously accused Moscow of orchestrating large cyber attacks as part of a “hybrid war”…