Joshua Schulte, who called himself “Bad Ass,” and who was also called “Voldemort” by colleagues in the C.I.A.’s Operations Support Branch, was convicted by a federal court jury in New York of sending the CIA’s “Vault 7” cyber-warfare tools to WikiLeaks in 2017. Larry Neumeister and Tom Hays of AP report: A former CIA software…
Category: Of Note
FREE RESOURCE: K12 SIX Releases Essential Cyber Incident Response Runbook
HERNDON, Va., July 13, 2022–(BUSINESS WIRE)–The K12 Security Information Exchange (K12 SIX) is pleased to release the second product in its series of free cybersecurity aids for U.S. school districts, charter schools, and private school institutions: an incident response template and runbook to assist in preparation for a cyber-attack. Aligned to the NIST Incident Response Lifecycle—and developed with…
Au: Infrastructure companies must report cyberattacks within 12 hours
Tom Burton reports: Critical infrastructure operators must now report significant cyber breaches to the federal government within 12 hours of an attack, following the expiry of a three-month grace period that enabled nearly 2500 of them to prepare for the new rules. Owners of electricity, gas, ports and water, and sewerage assets are also required…
‘Callback’ Phishing Campaign Impersonates Security Firms
Elizabeth Montalbano reports: A new callback phishing campaign is impersonating prominent security companies to try to trick potential victims into making a phone call that will instruct them to download malware. Researchers at CrowdStrike Intelligence discovered the campaign because CrowdStrike is actually one of the companies, among other security firms, being impersonated, they said in…
US govt warns of Maui ransomware attacks against healthcare orgs
Sergiu Gatlan reports: The FBI, CISA, and the U.S. Treasury Department issued today a joint advisory warning of North-Korean-backed threat actors using Maui ransomware in attacks against Healthcare and Public Health (HPH) organizations. Starting in May 2021, the FBI has responded to and detected multiple Maui ransomware attacks impacting HPH Sector orgs across the U.S….
The Norwegian SA issues fine to the Municipality of Østre Toten for flawed information security
Seen on the website of the European Data Protection Board, a decision by Norway’s data protection regulator imposed a 400,000 Eur fine (NOK 4 million) on a municipality that suffered a ransomware attack. The Norwegian Supervisory Authority found that the municipality’s security for personal data was seriously flawed and inadequate. Summary of the Decision Origin…