Peter Williams, 39, an Australian national, pleaded guilty in U.S. District Court today in connection with selling his employer’s trade secrets to a Russian cyber-tools broker, the Justice Department announced today. Williams pleaded to two counts of theft of trade secrets. The material, stolen over a three-year period from the U.S. defense contractor where he…
The 4TB time bomb: when EY’s cloud went public (and what it taught us)
Today’s episode of “No need to hack when it’s leaking” is brought to us by Neo Security. In the course of their research and scanning, they came across a 4 TB SQL backup. As Neo Security explains: An SQL Server BAK file is a complete database backup. It contains everything: the schema, all the data,…
China Amends Cybersecurity Law and Incident Reporting Regime to Address AI and Infrastructure Risks
Yan Luo of Covington and Burling writes: Over the past few months, Chinese regulators have taken steps to update the country’s cybersecurity framework, with a particular focus on artificial intelligence (AI) safety and clarifying incident reporting obligations for onshore infrastructure. These developments reflect a broader trend toward more proactive AI and cyber governance and could…
Alan Turing institute launches new mission to protect UK from cyber-attacks
Robert Booth reports: Britain’s leading AI institute has announced a new mission to help protect the nation from cyber-attacks on infrastructure, including energy, transport and utilities, after it was embroiled in allegations of toxic work culture and the chief executive resigned amid ministerial pressure. The Alan Turing Institute will “carry out a programme of science and innovation designed to…
Some lower-tier ransomware gangs have formed a new RaaS alliance — or have they? (1)
Calling all of the groups ‘lower-tier’ may have been inaccurate. Please be sure to read the update at the bottom of this post. We’ve seen a few announcements this year heralding cartels or alliances in the ransomware ecosystem. Two such announcements involved DragonForce, but as SuspectFile reported, there was no evidence of a cartel, and…
Safaricom-Backed M-TIBA Victim of a Possible Data Breach Affecting Millions of Kenyans
Linet Amuli reports: Kenya’s digital health sector is facing a major cybersecurity crisis after hackers claimed to have stolen a massive trove of personal and medical data from M-TIBA, a Safaricom-backed mobile health platform. The alleged breach, said to involve over 2.15 terabytes of information, could expose the records of up to 4.8 million users,…