People are first finding out NOW? Look at this timeline, provided by Sergiu Gatlan in his reporting on BleepingComputer: Guidehouse notified Morgan Stanley in May 2021. Guidehouse had been breached in January through the Accellion vulnerability. Guidehouse discovered the breach in March and the impact to Morgan Stanley customers in May. Why didn’t Guidehouse discover the…
‘Shut down everything:’ Global Kaseya ransomware attack takes a small Maryland town offline
Chris Velazco and Rachel Lerman report: It was just after 12:30 p.m. on the Friday before the Fourth of July holiday when a warning popped up on Laschelle McKay’s computer screen. McKay, the town administrator for Leonardtown, Md., didn’t even have time to read the whole message before it disappeared and her computer froze. “Everything…
Bug bounties: Here’s how much Microsoft paid out to security researchers last year
Liam Tung reports: Microsoft has revealed it awarded 341 researchers a total of $13.6 million during the past year for reporting security vulnerabilities in its bug bounty programs. The awards were issued between July 1, 2020 and June 30, 2021 and is slightly less than what it paid out in 2019. That year, Microsoft tripled the awards…
Cyberattacks continue to interfere with vaccination efforts and municipal governments
Cyberattacks continue elsewhere as the two reports below show. One attack impacted the COVID-19 vaccination portal in the country of Georgia. An unrelated attack affected a municipality in Romania. Georgia Like many countries, Georgia has been dealing with a significant increase in number of new COVID cases after previously lifting some restrictions. On July 2,…
UK: Years in jail for Cambridgeshire computer hacker who blackmailed victims
itv reports: A computer hacker from Linton in Cambridgeshire has been sentenced to two and a half years in prison after a number of blackmail and computer offences. Police described 20-year-old Alexander Marsh as ‘manipulative’ after he was caught harvesting personal information, including intimate images from people in Suffolk. Marsh first came to the attention…
Sg: Spooked by website hacking, ad firm beefs up security, stops using default passwords
Kenny Chee reports: A simple, default password shared by employees was possibly the weak link that allowed hackers to break into advertising and creative agency Splash Productions‘ website and deface it. The incident, which happened about five to six years ago, was a wake-up call that spurred the company to drastically improve its cyber security…