Davey Winder reports: … I can exclusively report that threat intelligence specialist Cyjax has today published an in-depth analysis delving deep into the heart of the Trickbot cybergang. Months of painstaking research through hundreds of leaked documents has resulted in what is possibly the most comprehensive breakdown of a significant international cybercrime syndicate I’ve seen. Covering…
Category: Of Note
Oklahoma State University – Center for Health Services Pays $875,000 to Settle Hacking Breach
There’s an update to a breach previously reported on this site in 2018. From HHS: Oklahoma State University – Center for Health Sciences (OSU-CHS) has paid $875,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) and agreed to implement a corrective action plan to settle potential…
DHS: Cyber Safety Review Board Releases Unprecedented Report of its Review into Log4j Vulnerabilities and Response
Report Includes 19 Specific Recommendations for Government and Industry WASHINGTON – Today, the U.S. Department of Homeland Security (DHS) released the Cyber Safety Review Board’s (CSRB) first report, which includes 19 actionable recommendations for government and industry. The recommendations from the CSRB – an unprecedented public-private initiative that brings together government and industry leaders to…
Software Engineer Joshua Schulte Convicted In Biggest Theft Ever Of CIA Secrets
Joshua Schulte, who called himself “Bad Ass,” and who was also called “Voldemort” by colleagues in the C.I.A.’s Operations Support Branch, was convicted by a federal court jury in New York of sending the CIA’s “Vault 7” cyber-warfare tools to WikiLeaks in 2017. Larry Neumeister and Tom Hays of AP report: A former CIA software…
FREE RESOURCE: K12 SIX Releases Essential Cyber Incident Response Runbook
HERNDON, Va., July 13, 2022–(BUSINESS WIRE)–The K12 Security Information Exchange (K12 SIX) is pleased to release the second product in its series of free cybersecurity aids for U.S. school districts, charter schools, and private school institutions: an incident response template and runbook to assist in preparation for a cyber-attack. Aligned to the NIST Incident Response Lifecycle—and developed with…
Au: Infrastructure companies must report cyberattacks within 12 hours
Tom Burton reports: Critical infrastructure operators must now report significant cyber breaches to the federal government within 12 hours of an attack, following the expiry of a three-month grace period that enabled nearly 2500 of them to prepare for the new rules. Owners of electricity, gas, ports and water, and sewerage assets are also required…