Katie Feehan reports: A pupil hacked into their teacher’s computer to change grades after finding the password on a note stuck to a laptop. The same password was used for access to multiple accounts and the pupil’s hack is among the incidents which prompted GCHQ to offer cyber security training to school staff. After obtaining…
Pulse Secure Critical Zero-Day Security Bug Under Active Exploit
Tara Seals reports: CVE-2021-22893 allows remote code-execution (RCE) and is being used in the wild by nation-state cyberattackers to compromise VPN appliances in defense, finance and government orgs. A critical zero-day security vulnerability in Pulse Secure VPN devices has been exploited by nation-state actors to launch cyberattacks against U.S. defense, finance and government targets, as…
Elliman’s property management arm suffers data breach
Erin Hudson reports: Thousands of New York residents who live in buildings run by Douglas Elliman’s property management arm may have had their personal information compromised this month. Douglas Elliman Property Management’s three managing directors emailed hundreds of co-operative and condominium boards Monday to advise them that the company’s IT network — which contains data…
Palestinian Hackers Tricked Victims Into Installing iOS Spyware
Lily Hay Newman reports: Hacking activity in the Gaza Strip and West Bank has ramped up in recent years as rival Palestinian political parties spar with each other, the Israeli-Palestinian conflict continues, and Palestinian hackers increasingly establish themselves on the global stage. Now, Facebook has uncovered two digital espionage campaigns out of Palestine, active in 2019 and 2020, that…
Ca: Court approves data breach settlements with BMO, CIBC
James Langton reports: An Ontario court has approved proposed class action settlements with Bank of Montreal (BMO) and CIBC over cybersecurity breaches involving thousands of clients. The Superior Court of Justice endorsed settlements and distribution plans designed to resolve lawsuits against the banks stemming from a data theft that affected more than 10,000 clients of…
Kansas Department of Labor looking into possible data breach
Caroline Elliott reports: A KWCH investigation in February helped to launch a Kansas Department of Labor investigation after the investigation discovered a way to use social security numbers on the KDOL website to pull up anyone’s personal information. Eyewitness News reporter Caroline Elliott has been looking into the issue for months and Tuesday, April 20, Eyewitness…