Jayant Chakravarti reports: The Australian financial regulator has filed a lawsuit against FIIG Securities, accusing the leading investment and financing company of lacking adequate cybersecurity controls to stop a threat actor from stealing confidential personal information of 18,000 customers. The Australian Securities and Investments Commission said it decided to sue Brisbane-headquartered FIIG Securities in Federal Court after…
Alleged Data Breach at Korea Aerospace Research Institute Sparks Major Investigation
In today’s reminder of the insider threat, Jung Suk-yee reports that employees of the Korea Aerospace Research Institute (KARI) are being investigated by the Daejeon Metropolitan Police Agency for leaking sensitive technology: The investigation, which has captured national attention, involves a suspected breach of data related to South Korea’s ambitious Nuri space launch vehicle project….
Almost one month after Brain Cipher claimed to have attacked them, Pulmonary Physicians of South Florida has yet to publicly confirm or deny any breach
Pulmonary Physicians of South Florida (PPSF) describe themselves as a group of experienced and highly qualified pulmonary, critical care and sleep medicine physicians. “We provide comprehensive, state of the art diagnosis and treatment of diseases of the lungs in every hospital in Miami-Dade County, as well as in select hospitals in Broward and Monroe counties,”…
What is WikiLeaksV2 doing with a ransomware gang? Spoiler alert: It’s not extortion.
As previously reported on this site, in September 2023, Cardiovascular Consultants Ltd. (CVC) in Arizona experienced a ransomware attack. In October 2023, the Qilin ransomware group added CVC to its leak site, claiming to have exfiltrated 520,961 files and 206 GB of data. And in December 2023, CVC announced the breach in a substitute notice…
Microsoft wouldn’t look at a bug report without a video. Researcher maliciously complied
Connor Jones reports: A vulnerability analyst and prominent member of the infosec industry has blasted Microsoft for refusing to look at a bug report unless he submitted a video alongside a written explanation. Senior principal vulnerability analyst Will Dormann said last week he contacted Microsoft Security Response Center (MSRC) with a clear description of the…
DOGE Staffer Broke Treasury Rules Transmitting Personal Data
Gregory Korte and Erik Larson report: A staffer for the Department of Government Efficiency violated Treasury Department policies when he sent a spreadsheet containing personal information to two other people in the Trump administration, a federal official revealed in a court filing Friday. That DOGE staffer was Marko Elez, who left his job tracking Treasury…