James Simpson reports: Police Scotland have launched an investigation after personal details of hundreds of Angus pupils were released during a cyber attack. Exam results and “pupils profiles” outlining learning difficulties and mental health issues of Brechin High School students were released in the breach. […] Documents containing emergency contact details for more than 1,800…
Category: Of Note
New Evil Corp ransomware mimics PayloadBin gang to evade US sanctions
Lawrence Abrams reports: The new PayloadBIN ransomware has been attributed to the Evil Corp cybercrime gang, rebranding to evade sanctions imposed by the US Treasury Department’s Office of Foreign Assets Control (OFAC). The Evil Corp gang, also known as Indrik Spider and the Dridex gang, started as an affiliate for the ZeuS botnet. Over time,…
Ukraine’s security service claims to have thwarted mass cyberattack by Russian special forces
The following is a machine translation of a press release by Служба безпеки України, the Security Service of Ukraine: The SBU blocked a mass cyberattack by Russian special services on the computer networks of the Ukrainian authorities Cyber experts of the Security Service of Ukraine revealed the facts of purposeful distribution of malicious software by…
Van Buren is a Victory Against Overbroad Interpretations of the CFAA, and Protects Security Researchers
Aaron Mackey and Kurt Opsahl of EFF write: The Supreme Court’s Van Buren decision today overturned a dangerous precedent and clarified the notoriously ambiguous meaning of “exceeding authorized access” in the Computer Fraud and Abuse Act, the federal computer crime law that’s been misused to prosecute beneficial and important online activity. The decision is a victory for all Internet…
Hackers Breached Colonial Pipeline Using Compromised Password
William Turton and Kartikay Mehrotra report: The hack that took down the largest fuel pipeline in the U.S. and led to shortages across the East Coast was the result of a single compromised password, according to a cybersecurity consultant who responded to the attack. Hackers gained entry into the networks of Colonial Pipeline Co. on…
11th Circuit Upholds Historic $380 Million Equifax Data-Breach Settlement
Izzy Kapnick reports: A three-judge panel for the 11th Circuit on Thursday upheld the largest-ever U.S. class action settlement over a consumer data breach, rejecting a bevy of challenges to the $380 million deal. Finalized in January 2020, the settlement compensates U.S. consumers whose personal information was exposed in a cyberattack on the credit bureau Equifax. The…