Clark County School District (CCSD) in Nevada informed parents and employees that they became aware of a “cybersecurity incident” on October 5. Three weeks later, the district had not fully recovered from the attack and parents were complaining about the district’s lack of transparency about what was stolen in the breach. Disturbingly, while the district…
Category: Commentaries and Analyses
France says Russian state hackers breached numerous critical networks
Bill Toulas reports: The Russian APT28 hacking group (aka ‘Strontium’ or ‘Fancy Bear’) has been targeting government entities, businesses, universities, research institutes, and think tanks in France since the second half of 2021. The threat group, which is considered part of Russia’s military intelligence service GRU, was recently linked to the exploitation of CVE-2023-38831, a remote…
Exclusive: Clark County School District student data begins to leak; CCSD doesn’t comment
Tiffany Lane reports: Problems continue for Clark County School District families and staff about a week and a half after being notified of a cyber security incident that happened earlier this month. Some parents say they received an email Wednesday with private information about their children. While they do not know if it is related to the…
Indian govt’s insistence that Aadhaar is secure rings hollow in wake of breaches
Joel R. McConvey reports: India is bleeding biometric information, with new data breaches giving credence to a recent report by the credit rating agency Moody’s warning that Aadhaar’s centralized biometric digital ID system has privacy and security vulnerabilities. A piece in Security Affairs reports that earlier this month, the cybersecurity firm Resecurity found hundreds of millions of records containing…
In The Age Of AI-Enabled Attacks, Should Every School Have A CISO?
Hari Ravichandran writes: … A report (download) from the U.S. Government Accountability Office (GAO) found that school districts lose between $50,000 and $1 million on average from cyberattacks, and recovery takes two to nine months on average. Schools are right up there with the energy, transportation and water sectors as well as hospitals as critical infrastructure…
Phishing Guidance: Stopping the Attack Cycle at Phase One
This guide was created by the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) to outline phishing techniques malicious actors commonly use and to provide guidance for both network defenders and software manufacturers. Phishing Guidance: Stopping the Attack Cycle at Phase…