Commentaries and Analyses – Page 444

Hackers Breach Avast Antivirus Network Through Insecure VPN Profile

Posted on October 21, 2019 by Dissent

Ionut Ilascu reports: Hackers accessed the internal network of Czech cybersecurity company Avast, likely aiming for a supply chain attack targeting CCleaner. Detected on September 25, intrusion attempts started since May 14. Following an investigation, the antivirus maker determined that the attacker was able to gain access using compromised credentials via a temporary VPN account….

Russian cyberattack unit ‘masqueraded’ as Iranian hackers, UK says

Posted on October 21, 2019 by Dissent

Helen Warrell in London and Henry Foy report: A Russian cyber espionage unit has hacked Iranian hackers to lead attacks in more than 35 countries, a joint UK and US investigation has revealed. The so-called Turla group, which has been linked with Russian intelligence, allegedly hijacked the tools of Oilrig, a group widely linked to the…

Everything’s broken, Monday edition (medical data leaks)

Posted on October 21, 2019 by Dissent

It seems that every week I hear from researchers who find patient data or medical data exposed. And I know some of them spend inordinate amounts of time trying to contact entities to get them to secure their unsecured sensitive data. Some of these researchers do this for no pay and no expectation or hope…

Mishandling of Veterans’ Sensitive Personal Information on VA Shared Network Drives — Audit by Veterans Affairs OIG

Posted on October 18, 2019 by Dissent

VA OIG 19-06125-218 | October 17, 2019 From the Executive Summary: The OIG team found that veterans’ sensitive personal information was left unprotected on two shared network drives, where it was accessible to VSO officers who did not represent those veterans. Senior Office of Information and Technology (OIT) representatives told the team that other authenticated…

MS: Tech audit suggests SCCSD vulnerable to hacking

Posted on October 17, 2019 by Dissent

Recardo Thomas reports: A technology audit by an independent firm revealed that the Sunflower County Consolidated School District is operating with some outdated technology that could place the district in a vulnerable position with hackers. Read more on Enterprise-Tocsin.com if you can. I can’t. 🙂

Stealthy Russian Hacker Group Resurfaces With Clever New Tricks

Posted on October 17, 2019 by Dissent

Andy Greenberg reports: In the notorious 2016 breach of the Democratic National Committee, the group of Russian hackers known as Fancy Bear stole the show, leaking the emails and documents they had obtained in a brazen campaign to sway the results of the US presidential election. But another, far quieter band of Kremlin hackers was inside…