VA OIG 19-06125-218 | October 17, 2019 From the Executive Summary: The OIG team found that veterans’ sensitive personal information was left unprotected on two shared network drives, where it was accessible to VSO officers who did not represent those veterans. Senior Office of Information and Technology (OIT) representatives told the team that other authenticated…
Category: Commentaries and Analyses
MS: Tech audit suggests SCCSD vulnerable to hacking
Recardo Thomas reports: A technology audit by an independent firm revealed that the Sunflower County Consolidated School District is operating with some outdated technology that could place the district in a vulnerable position with hackers. Read more on Enterprise-Tocsin.com if you can. I can’t. 🙂
Stealthy Russian Hacker Group Resurfaces With Clever New Tricks
Andy Greenberg reports: In the notorious 2016 breach of the Democratic National Committee, the group of Russian hackers known as Fancy Bear stole the show, leaking the emails and documents they had obtained in a brazen campaign to sway the results of the US presidential election. But another, far quieter band of Kremlin hackers was inside…
No Kremlin Link Found to Russian Hacker Awaiting Extradition in Israel; One of Top 100 Hackers in the World?
Josh Breiner, Bar Peleg and Liza Rozovsky report: The U.S. Secret Service did not find any links between Russian hacker Aleksey Burkov and Russian intelligence, or any other government officials, the special agent who led the investigation, Erik Rasmussen, told Haaretz. Burkov’s name never came up in security contexts, or in Russian involvement in the…
NYS Comptroller IT audit reports on public school districts reveals concerning lack of security
The NYS Comptroller’s Office released a number of IT audit reports for k-12 public school districts this month. Their findings will come as no surprise to regular readers of this site. Belleville-Henderson Central School District: You can read the complete report here (pdf), although the state omitted sensitive details from the public report that it…
Phorpiex botnet made $115,000 in five months just from mass-spamming sextortion emails
Catalin Cimpanu reports: Researchers at cyber-security firm Check Point say they’ve tracked one of the sources of the recent rise in sextortion emails to a good ol’ friend — the Phorpiex spam botnet, also known as Trik. Check Point says that since April, they’ve seen the botnet send out multiple spam campaigns with a “sextortion” lure —…