Marco A. De Felice reports: Christophe Boutry, a former DGSI (Direction Générale de la Sécurité Intérieure) agent, was sentenced to 7 years in prison (with a two-year suspension) for selling confidential information from law enforcement databases on the darkweb. Documents stolen from police archives include fake marriage permits and certificates and sensitive information on the Marseille…
Category: Of Note
DOJ says SolarWinds hack impacted 27 state attorneys’ offices
Catalin Cimpanu reports: The Russian hackers who orchestrated the SolarWinds supply chain attack pivoted to the internal network of the US Department of Justice, from where they gained access to Microsoft Office 365 email accounts belonging to employees at 27 state attorneys’ offices, the DOJ said in a statement on Friday afternoon. Read more on…
Feds list the top 30 most exploited vulnerabilities. Many are years old
Dan Goodin reports: Government officials in the US, UK, and Australia are urging public- and private-sector organizations to secure their networks by ensuring firewalls, VPNs, and other network-perimeter devices are patched against the most widespread exploits. In a joint advisory published Wednesday, the US FBI and CISA (Cybersecurity and Infrastructure Security Agency), the Australian Cyber Security Center,…
Understanding the increase in Supply Chain Security Attacks
The European Union Agency for Cybersecurity mapping on emerging supply chain attacks finds 66% of attacks focus on the supplier’s code. Supply chain attacks have been a concern for cybersecurity experts for many years because the chain reaction triggered by one attack on a single supplier can compromise a network of providers. Malware is the attack…
Uber found to have breached Australian’s privacy following 2016 hack
Cameron Abbott and Jacqueline Patishman of K&L Gates write: In 2017, Uber disclosed to the Office of the Australian Information Commissioner (OAIC) a breach of its some 57 million global users' and drivers' personal information (including approximately 1.2 million Australians). Last Friday, the OAIC determined that Uber had breached the Australian Privacy Act by failing to take reasonable steps to…
Inside Forkbombo, the dreaded Kenyan cybercrime gang
Brian Wasuna reports: When financial institutions in Kenya started recording increased cyber-attacks in 2010, it was believed the country’s detectives would easily stamp out the crime. Back then, most cybercrime incidents involved hackers stealing small amounts of money that were near impossible to detect, before graduating to big money heists, in what is known…