Korea JoongAng Daily reports: LG U+ was hit with 21.6 million won ($20,000) in government fines for a failure to secure customer data, which led to a massive breach and unauthorized sharing of sensitive information. The Personal Information Protection Commission (PIPC) announced Wednesday that it imposed a total of 75 million won in fines on…
Category: Of Note
FireEye, a Top Cybersecurity Firm, Says It Was Hacked by a Nation-State
David E. Sanger and Nicole Perlroth report: For years, the cybersecurity firm FireEye has been the first call for government agencies and companies around the world who have been hacked by the most sophisticated attackers, or fear they might be. Now it looks like the hackers — in this case, evidence points to Russia’s intelligence agencies —…
GE puts default password in radiology devices, leaving healthcare networks exposed
Dan Goodin reports: Dozens of radiology products from GE Healthcare contain a critical vulnerability that threatens the networks of hospitals and other health providers that use the devices, officials from the US government and a private security firm said on Tuesday. The devices—used for CT scans, MRIs, X-Rays, mammograms, ultrasounds, and positron emission tomography—use a…
Easy Way In? 5 Ransomware Victims Had Their Pulse Secure VPN Credentials Leaked
Victoria Kivilevich writes: Rising ransomware attacks around the world, together with the recent lists of exposed Pulse Secure VPN credentials, set the backdrop for KELA’s latest research. While not all ransomware attacks used CVE-2019-11510 (a vulnerability of unpatched Pulse Secure VPN servers) or the previously shared credentials to the compromised corporate networks, it does add another layer…
The Legal Industry Has Finally Created a Data Security Standard of its Own
Kenya Parrish-Dixon of Empire Technologies Risk Management Group writes: The Association of Corporate Counsel is a professional organization comprised of in-house counsel serving the needs of in-house counsel. It has been in existence, in various forms, since 1983 and is currently an international organization with 45,000 members. After the Federal Trade Commission’s litigation support infrastructure…
Ransomware gangs are now cold-calling victims if they restore from backups without paying
Earlier this week, DataBreaches.net reported that a Georgia dental group was surprised to get a phone call from threat actors informing them that their files had been exfiltrated by the ransomware threat actors. It seems that when they had detected anomalies, they wiped the server and reinstalled from backup, and perhaps never noticed any “read…