Connor Jones reports: A vulnerability analyst and prominent member of the infosec industry has blasted Microsoft for refusing to look at a bug report unless he submitted a video alongside a written explanation. Senior principal vulnerability analyst Will Dormann said last week he contacted Microsoft Security Response Center (MSRC) with a clear description of the…
Category: Miscellaneous
Appellate court upholds sentence for former Uber cyber executive Joe Sullivan
Jonathan Greig reports: The conviction of former Uber chief security officer Joe Sullivan on obstruction of justice charges was upheld by the U.S. Court of Appeals for the Ninth Circuit in California this week after the cybersecurity expert disputed several aspects of his sentence and charges. Sullivan was given three years probation by a U.S….
White House cyber director’s office set for more power under Trump, experts say
Suzanne Smalley reports: The Office of the National Cyber Director (ONCD) is poised to become a stronger force in the second Trump administration and will finally operate as the executive branch cybersecurity policy lead that Congress envisioned when establishing it in 2021, experts say. President Donald Trump’s selection of Sean Cairncross to lead the office signals that…
Bogus ‘BianLian’ Gang Sends Snail-Mail Extortion Letters
Elizabeth Montalbano reports: Someone claiming to represent the BianLian ransomware group is sending top executives from various organizations snail-mail extortion letters informing them that their IT network has been compromised and threatening to delete or leak sensitive company data. Sending physical letters through the mail system is an unusual move for a cybercriminal group, which typically sends…
Rite Aid Agrees to $6.8M Settlement Over Data Breach Lawsuit
Rihem Akkouche reports: In a dramatic legal turn, Rite Aid has consented to a $6.8 million settlement to resolve class action allegations that it failed to prevent a cyberattack compromising the sensitive information of over 2 million customers. The settlement, preliminarily approved by U.S. District Judge Harvey Bartle III on Tuesday, allows claimants to receive up to…
Hackers Claim Data Breach at Bulgaria’s Supreme Administrative Court
Novinite reports: The Ransomhouse hacker group has claimed responsibility for stealing data from the Supreme Administrative Court’s information systems. The group published documents, including lists of employee names, personal data, and leave applications, as evidence of the breach, according to cybersecurity website Questona. Along with the leaked documents, the hackers addressed the court’s management with a message urging them to make contact….