Elizabeth Montalbano reports: A new callback phishing campaign is impersonating prominent security companies to try to trick potential victims into making a phone call that will instruct them to download malware. Researchers at CrowdStrike Intelligence discovered the campaign because CrowdStrike is actually one of the companies, among other security firms, being impersonated, they said in…
Category: Of Note
US govt warns of Maui ransomware attacks against healthcare orgs
Sergiu Gatlan reports: The FBI, CISA, and the U.S. Treasury Department issued today a joint advisory warning of North-Korean-backed threat actors using Maui ransomware in attacks against Healthcare and Public Health (HPH) organizations. Starting in May 2021, the FBI has responded to and detected multiple Maui ransomware attacks impacting HPH Sector orgs across the U.S….
The Norwegian SA issues fine to the Municipality of Østre Toten for flawed information security
Seen on the website of the European Data Protection Board, a decision by Norway’s data protection regulator imposed a 400,000 Eur fine (NOK 4 million) on a municipality that suffered a ransomware attack. The Norwegian Supervisory Authority found that the municipality’s security for personal data was seriously flawed and inadequate. Summary of the Decision Origin…
UK: ICO and NCSC stand together against ransomware payments being made
A joint letter addressed to the Law Society and signed by the U.K.’s Information Commissioner’s Office and NCSC is causing waves in cybersecurity circles. The following is the press release accompanying it: July 8 – Solicitors are today being asked to play their part in keeping the UK safe online by helping to tackle the…
Pro-Kremlin hackers Killnet hit Latvia with biggest cyberattack in its history
Oliver Moody reports: Latvia has come under the most intense wave of cyberattacks in its history, including a 12-hour onslaught on its public broadcasting centre, according to a senior Nato official. The Baltic state appears to have been targeted by pro-Kremlin hackers because of a series of assertive steps such as bringing back conscription and drawing…
Ca: How the court bolstered an insurer’s exclusion for privacy breach
David Gambrill reports: Acting recklessly in breaching the confidential medical files of patients effectively falls within a hospital insurer’s commercial policy exclusion for committing an ‘intentional act,’ Ontario’s top court has ruled. The Ontario Court of Appeal found a hospital insurer, the Healthcare Insurance Reciprocal of Canada, does not have a duty to defend a…