Noura Aljizawi of the Citizen Lab at the University of Toronto’s Munk School of Global Affairs and Public Policy writes: Rawia* is a Syrian activist in Turkey and a mother of three beautiful children. She kept her children at home, locked the doors, closed the windows, and told them not to speak loudly so people…
Category: Commentaries and Analyses
Proposed $65 million Lehigh Valley Health Network data breach settlement may compensate some victims $80,000
In 2023, a ransomware attack against Lehigh Valley Health Network by AlphV (BlackCat) involved the threat actors leaking nude photos of some cancer patients. In reporting on one of the first class action lawsuits launched against LVHN, DataBreaches pointed out how significant this situation and litigation might be, in part, because of the nude photos…
Russian Military Cyber Actors Target U.S. and Global Critical Infrastructure
From a Joint Cybersecurity Advisory summary: The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) are responsible for computer network operations against global targets for the purposes…
Russian military hackers linked to critical infrastructure attacks
Sergiu Gatlan reports: The United States and its allies have linked a group of Russian hackers (tracked as Cadet Blizzard and Ember Bear) behind global critical infrastructure attacks to Unit 29155 of Russia’s Main Directorate of the General Staff of the Armed Forces (also known as GRU). In a joint advisory published today, the Russian GRU military intelligence hackers,…
FTC Takes Action Against Security Camera Firm Verkada over Charges it Failed to Secure Videos, Other Personal Data and Violated CAN-SPAM Act
August 30, 2024 – The Federal Trade Commission will require security camera firm Verkada to develop and implement a comprehensive information security program to settle allegations the company failed to use appropriate information security practices, which allowed a hacker to access customers’ security cameras. Under a proposed order, which must be approved by a federal…
A new variant of Cicada ransomware targets VMware ESXi systems
Pierluigi Paganini reports: Cicada 3301 is a new ransomware-as-a-service (RaaS) operation that appeared in the threat landscape. The group appears to be very active and already listed 23 victims on its extortion portal since mid-June. The following image shows the list of victims published by the gang on its Dark Web leak site. […] The…