Zack Whittaker reports: Homeland Security’s cybersecurity division is pushing to change the law that would allow it to demand information from internet providers that would identify the owners of vulnerable systems, TechCrunch has learned. Sources familiar with the proposal say the Cybersecurity and Infrastructure Security Agency (CISA), founded just less than a year ago, wants the…
Category: Commentaries and Analyses
Muhstik Ransomware Victim Hacks Back, Releases Decryption Keys
Yes, I know law enforcement always publicly advises against hacking back, but sometimes you just want to cheer when hacking back thwarts the bad guys. Lawrence Abrams reports: A victim of the Muhstik Ransomware has hacked back against his attackers and released close to 3,000 decryption keys for victims along with a free decryptor to…
Taconic Biosciences settles lawsuit stemming from 2017 W-2 phishing breach (updated)
One of the victim companies of a W-2 phishing attack that this site reported in 2017 was a New York firm called Taconic Biocences. A copy of their notification to the Maryland Attorney General’s Office is still available online, here. Recently, News10 in New York reported that there has been a $2.7 million settlement in…
Switzerland stops information exchange with Bulgaria
Cristian Angeloni reports: The Swiss Federal Council has halted its automatic exchange of information (AEOI) agreement with Bulgaria. The move follows a problem with data security in the Eastern European country in July 2019, when a leak exposed financial account information of four million Bulgarians and foreign taxpayers. Although the Bulgarian National Revenue Agency was…
ED can withhold names of tax evaders in Panama Papers: Central Information Commission
PTI reports: The names of alleged tax evaders appearing in the Panama Papers leak can be withheld by the Enforcement Directorate from disclosure, the Central Information Commission has held. The Commission made these observations while deciding the plea of Durga Prasad Choudhary who did not get a satisfactory response from the agency on his RTI…
Public dataset to help researchers predict malicious activity
Sara Barker reports: Australian researchers have created what they are calling ‘the largest public available dataset of malicious internet activity’ of its kind. They hope it will help cybersecurity specialists predict what security threats the future could bring. CRISO’s Data61, Macquarie University, University of Sydney, and Nokia Bell Labs developed the dataset, called FinalBlacklist, that…