The Office of Inadequate Security
Bill Toulas reports: The Dstat.cc DDoS review platform has been seized by law enforcement, and two suspects have been arrested after the service helped fuel distributed denial-of-service attacks for years. The seizure and arrests were conducted as part of “Operation PowerOFF,” an ongoing international law enforcement operation that targets DDoS-for-hire platforms, aka “booters” or “stressers,” to…
The Norwegian data protection authority (Datatilsynet) has imposed an administrative fine of NOK 250,000 [USD $22,669.69] on Grue municipality for breach of GDPR requirements. They explain: Personal data that should have been confidential was made available to unauthorised persons in the municipality’s public records. This constitutes a breach of the municipality’s duty to ensure adequate…
Funny how Russia doesn’t like it when someone interferes with their elections, huh? Daryna Antoniuk reports: Russia’s Federal Security Service (FSB) announced that it had detained a Moscow resident for conducting distributed denial-of-service (DDoS) attacks during local elections in September, targeting infrastructure in the capital and the Moscow region. According to the agency’s press service, the…
Iain Thomson reports: The French equivalent of the US Secret Service may have been letting their guard down, as an investigation showed they are easily trackable via the fitness app Strava. An investigation by Le Monde has shown that members of the Security Group for the Presidency of the Republic (GSPR) have been openly displaying…
Harvey Cashore, Daniel Leblanc report: At the height of this year’s tax season, the Canada Revenue Agency discovered that hackers had obtained confidential data used by one of the country’s largest tax preparation firms, H&R Block Canada. Imposters used the company’s confidential credentials to get unauthorized access into hundreds of Canadians’ personal CRA accounts, change…
Mathew J. Schwartz reports: Potential Ukrainian military recruits are being targeted with malware and anti-mobilization messaging through legitimate Telegram channels. A report from Google’s Threat Intelligence Group attributes the “hybrid espionage and information operation” to a suspected Russian group, codenamed UNC5812, whose Telegram persona goes by the handle “Civil Defense.” Telegram remains a vital source of information…