From the Center for Internet Security: K-12 cybersecurity personnel, IT professionals, and leaders have faced significant challenges over the last several years. They’ve had to wade through operational and technological complexities as a result of shifting between in-person, virtual, and hybrid schooling. Simultaneously, they’ve found themselves one of the primary targets of cyber threat actors as…
Category: Of Note
New AxLocker ransomware encrypts files, then steals your Discord account
Bill Toulas reports: The new ‘AXLocker’ ransomware family is not only encrypting victims’ files and demanding a ransom payment but also stealing the Discord accounts of infected users. When a user logs into Discord with their credentials, the platform sends back a user authentication token saved on the computer. This token can then be used…
Researchers Quietly Cracked Zeppelin Ransomware Keys
Brian Krebs reports: Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “Zeppelin” in May 2020. He’d been on the job less than six months, and because of the way his predecessor architected things, the company’s data backups also were encrypted by Zeppelin. After two weeks…
Vanuatu island hit by ransom attack, cripples government
WION reports: The small archipelago of the South Pacific Ocean, Vanuatu, was attacked by ransomware on 4 November, Friday and stranded the country for over a week. According to civil servants in the government, they noticed that their official emails started bouncing back from government addresses, this was the first sign when they found that…
PA: Media’s reporting on breach led to new state data breach law
Rick Earle reports: An exclusive Target 11 investigation into a massive data breach last year has led to a new state law meant to protect every citizen of the Commonwealth. Target 11 Investigator Rick Earle broke the story of that data breach last April and now because of his reporting, state lawmakers passed legislation requiring timely notification of…
New South Wales gets first state-based data breach notice scheme
Justin Hendry reports: New South Wales will have Australia’s first mandatory data breach notification scheme for public sector entities in place within a year after state government legislation passed Parliament. The Privacy and Personal Information Protection Amendment Bill underpinning the long-promised regime sailed through the Legislative Council last night without amendment, having passed the Legislative Assembly…