Stefan Soesanto writes: The German Ministry of Foreign Affairs informed Moscow on May 28 that the German federal prosecutor had issued a sealed arrest warrant for Russian military intelligence officer Dmitriy Sergeyevich Badin over the 2015 Bundestag hack. Among other items, the hack resulted in the exfiltration of 16 GB of sensitive emails and documents and necessitated…
Category: Commentaries and Analyses
NYS: Comptroller’s audits continue: Urban Choice Charter School
For a number of years now, I’ve noted NYS comptroller audits of school districts when it comes to IT and infosecurity. Here’s one that was recently released concerning Urban Choice Charter School in Rochester: Issued Date June 12, 2020 Audit Objective Determine whether the Board and School officials ensured information technology (IT) assets were safeguarded….
A new Malware strain dubbed as ‘Lucifer’ is affecting most of the Windows PCs, abusing critical vulnerabilities
Metal Messiah reports: A new variant of a powerful cryptojacking and DDoS-based malware is exploiting severe vulnerabilities in Windows machines, and affecting them in the process. Dubbed as “Lucifer”, this new malware is part of an active campaign against Windows hosts and uses a variety of ‘exploits’ in the latest wave of attacks, Palo Alto Networks’…
LifeLabs failed to protect the personal health information of millions of Canadians- Privacy Commissioners
In November, 2019, Canadian testing laboratory provider LifeLabs disclosed a data breach. In February, 2020, it tried to block regulators from accessing a report on the breach prepared for it by Crowdstrike. Today, the B.C. and Ontario privacy commissioners released their report on the incident. It was highly critical of LifeLabs. Knowing that the report…
FBI warns K12 schools of ransomware attacks via RDP
Catalin Cimpanu reports: The US Federal Bureau of Investigation sent out on Tuesday a security alert to K12 schools about the increase in ransomware attacks during the coronavirus (COVID-19) pandemic, and especially about ransomware gangs that abuse RDP connections to break into school systems. The alert, called a Private Industry Notification, or PIN, tells schools…
Ca: Security lapses in eHealth system increased risk of cyberattack, says auditor
Arthur White-Crummey reports: After finding numerous security gaps on laptops, tablets and smartphones connected to the eHealth system, Saskatchewan’s provincial auditor warned they could increase the risk of cyberattacks like the one that compromised sensitive personal information late last year. Judy Ferguson’s office identified unencrypted devices, inappropriate security settings, unrestricted USB ports and untrained staff…