Ainsley Harris reports: A few weeks ago, New York City’s 75,000 teachers scrambled to learn how to use videoconferencing services like Zoom as novel coronavirus cases began to rise and schools prepared to close their doors and institute remote learning. Now, the city’s teachers will have to scramble once more, after Department of Education Chancellor…
Category: Commentaries and Analyses
MT: DPC launches investigation after over 330,000 voters’ personal data leaked in security breach
Matthew Vella reports: The data protection commissioner will be launching an investigation after a massive security vulnerability – in a database containing information on 337,384 voters from Malta that was being held by a Maltese IT company – led it to be exposed without security. The data includes ID numbers, names, addresses, gender, phone numbers…
UK: Morrisons not liable for 2014 data breach, says Supreme Court
Alex Scroxton reports: Supermarket chain Morrisons has succeeded in its appeal to the Supreme Court against judgments that held it liable for an insider data breach caused by a disgruntled employee. In its unanimous judgment, the Supreme Court said previous judgments had fundamentally misunderstood the principles governing vicarious liability in a number of ways, most notably because…
Why COVID-19 makes the case to get rid of passwords
Ori Eisen, Founder and CEO, Trusona and William Dixon, Head of Operations, Centre for Cybersecurity, World Economic Forum have an opinion piece that had me wondering if this was an April Fool’s joke. It doesn’t seem to be. Here are the bullet points: Cybercriminals are exploiting COVID-19 to launch cyberattacks. Passwords are one of the…
The UK Cabinet is meeting on Zoom… here’s the meeting ID
Yesterday, Graham Cluley wrote: UK Prime Minister Boris Johnson announced on Twitter this afternoon that he was chairing the first ever digital Cabinet, while he self-isolated himself at Downing Street after revealing he was suffering “mild symptoms” of Coronavirus. Johnson included in the tweet a screenshot of his desktop, showing there were 35 participants on the Zoom…
REvil Ransomware-as-a-Service – An analysis of a ransomware affiliate operation
From Intel471’s Malware Intelligence Team: REvil aka Sodinokibi, Sodin is a ransomware family operated as a ransomware-as-a-service (RaaS). Deployments of REvil first were observed in April 2019, where attackers leveraged a vulnerability in Oracle WebLogic servers tracked as CVE-2019-2725. REvil is highly configurable and allows operators to customize the way it behaves on the infected…