Josh Fiallo and Peter Talbot report: A 17-year-old Tampa man was arrested Friday morning after the Federal Bureau of Investigation and the U.S. Department of Justice discovered he was behind an extensive Twitter hack, which temporarily gave him access to the accounts of Bill Gates, Barack Obama and many others. Graham Ivan Clark, 17, was arrested…
Category: Of Note
Connecticut Insurance Dept. Reminds Licensees to Comply with Data Security Law
Linn F. Freedman of Robinson & Cole writes: On July 20, 2020, the Connecticut Insurance Department issued a bulletin to licensees reminding them that the Connecticut Insurance Data Security Law (“Act”) becomes effective on October 1, 2020 and providing guidance on compliance. The Act requires “all persons who are licensed, authorized to operate or registered, or…
US provides new expanded set of espionage charges against former Twitter employees
Campbell Kwan reports: Fresh off dismissing spying charges against two former Twitter employees and another individual on Tuesday, the US government has unfurled a new superseding indictment that accuses the three individuals of even more offences. The two former Twitter employees, Ahmad Abouammo and Ali Alzabarah, and the third person named Ahmed Almutairi were originally charged with…
Lifespan Pays $1,040,000 to OCR to Settle Unencrypted Stolen Laptop Breach
In April, 2017, Lifespan issued a statement disclosing a stolen laptop incident involving unencrypted protected health information. In at least two places in their statement they claim that they are committed to protecting the security and confidentiality of patient data. Today, OCR announced a settlement with Lifespan in which Lifespan is to pay more than…
A vigilante is sabotaging the Emotet botnet by replacing malware payloads with GIFs
Catalin Cimpanu reports: An unknown vigilante hacker has been sabotaging the operations of the recently-revived Emotet botnet by replacing Emotet payloads with animated GIFs, effectively preventing victims from getting infected. The sabotage, which started three days ago, on July 21, has grown from a simple joke to a serious issue impacting a large portion of the Emotet…
Ongoing Meow attack has nuked >1,000 databases without telling anyone why
In March, thousands of elastic search installations were wiped out and all that was left was a calling card, “NightLionSecurity.com.” Now there’s a new round of attacks using a “Meow” calling card as they wipe out ElasticSearch and MongoDB databases. Dan Goodin reports: More than 1,000 unsecured databases so far have been permanently deleted in…