From Microsoft’s Blog: The Microsoft Threat Intelligence Center (MSTIC) has observed and taken actions to disrupt campaigns launched by SEABORGIUM, an actor Microsoft has tracked since 2017. SEABORGIUM is a threat actor that originates from Russia, with objectives and victimology that align closely with Russian state interests. Its campaigns involve persistent phishing and credential theft…
Category: Of Note
Alberta OIPC’s 2022 PIPA Breach Report – Trends and Key Takeaways
John Cassell, Imran Ahmad,and Miranda Sharpe of Norton Rose Fulbright write: On July 27, 2022, the Office of the Information and Privacy Commissioner of Alberta (OIPC) released its 2022 PIPA Breach Report.[1] The report analyzes the nearly 2,000 breach reports[2] received by the OIPC during the ten year period since reporting was mandated in Alberta under…
Au: WA Health sorry over monkeypox data breach
Michael Ramsey reports: Western Australia’s health department has apologised for accidentally leaking the personal details of passengers aboard a flight carrying a person infected with monkeypox. A woman who travelled on the flight from Doha last week said she received the document in an email from WA Health. It contained the personal information of 47…
NYDFS Proposed Amendments to Its Cybersecurity Rules
Patrick H. Haggerty and Elise Elam of BakerHostetler write: On July 29, the New York Department of Financial Services (NYDFS) released Draft Amendments to its Part 500 Cybersecurity Rules that include a number of significant amendments to the rules, including notification requirements such as a mandatory 24-hour notification for cyber ransom payments, specific requirements for…
Update: Hackers issue ‘ransom demands’ to NHS IT supplier: Fears MILLIONS of confidential patient records could be leaked after major cyber attack
Joe Davies reports an update to the ransomware attack on Advanced that impacted the NHS 111 system: Hackers are holding an IT firm that supplies NHS trusts to ransom following a cyber attack last week, according to sources. Health bosses are concerned criminals have access to confidential health records and could leak them if their demands aren’t…
Lockbit, Hive, and BlackCat attack automotive supplier in triple ransomware attack
Linda Smith, Rajat Wason, and Syed Zaidi of Sophos write: In May 2022, an automotive supplier was hit with three separate ransomware attacks. All three threat actors abused the same misconfiguration – a firewall rule exposing Remote Desktop Protocol (RDP) on a management server – but used different ransomware strains and tactics. The first ransomware…