Catalin Cimpanu reports: Microsoft said it identified more than 40 of its customers that installed trojanized versions of the SolarWinds Orion platform and where hackers escalated intrusions with additional, second-stage payloads. The OS maker said it was able to discover these intrusions using data collected by Microsoft Defender antivirus product, a free antivirus product built…
In wake of horrific Vastaamo breach, Finnish government tables laws to protect data from cyber criminals
Gerard O’Dwyer reports: The huge data security breach and cyber-ransom attack at Finland’s Vastaamo Psychotherapy Centre has provoked a swift response from the government, which is primed to introduce more rigid laws and measures to protect the country’s databases and sensitive information from cyber criminals. […] In a significant bolstering of Finland’s data security laws,…
IN: Telangana Government Site Flaw Exposed Sensitive Data of All Its Employees, Pensioners; Fixed Only After Three Months
Jagmeet Singh reports: Telangana state government took over three months to protect sensitive details of its employees and pensioners from its website. The Indian Computer Emergency Response Team (CERT-In) confirmed the vulnerability and replied on email in September to say that the authorities had been intimated about the issue, and Telangana IT Secretary Jayesh Ranjan…
OH: Olmsted Falls City Council approves new computer vendor to provide data security
In a year when so many small government agencies have been attacked, it’s nice to see local governments address improving security, although advertising how vulnerable they may currently be may be an invitation to attackers. John Benson reports: hen it comes to data security and computer operations, it doesn’t matter if you’re talking about a…
AU: Service NSW not effectively handling private information: NSW Auditor-General
Chris Duckett reports: The NSW Auditor-General Margaret Crawford has released her office’s report into how Service NSW handles personal and business information, following the agency being breached earlier this year. In May, the agency fessed up to the phishing attack, which led to 47 staff email accounts being compromised. The breach was said to have impacted 186,000 customers and…
Ransomware masquerades as mobile version of Cyberpunk 2077
Lawrence Abrams reports: A threat actor is distributing fake Windows and Android installers for the Cyberpunk 2077 game that is installing a ransomware calling itself CoderWare. To trick users into installing malware, threat actors commonly distribute them as gamer installers, cheats, and cracks for copyrighted software. Read more on BleepingComputer.