2019 was a difficult year for Wichita State University in terms of cybersecurity. They started the year with a phishing incident that stole some employees’ paychecks, and it seems that they ended the year with another incident. As their external counsel wrote on March 10: In December 2019, WSU learned of a security incident involving…
Coronavirus: Cybercriminals target healthcare workers with email scam
Rowland Manthorpe reports: Cybercriminal gangs are targeting healthcare professionals with phishing emails about “coronavirus awareness” – part of a wave of scams capitalising on the pandemic. Sky News has seen a copy of an email scam sent to a number of healthcare organisations that pretends to be from each firm’s internal IT team. The email…
The Cyber Intelligence Analyst’s Cookbook
There’s a new — and free — OSINT resource from Open Source Researchers that I want to let you all know about: The Cyber Intelligence Analyst’s Cookbook Volume 1 : A primer for Open Source Intelligence Collection and Applied Research An excerpt from the Preface: Anyways, I started with this brain dump of my process…
PXJ Ransomware Campaign Identified by X-Force IRIS
Megan Roddie and Limor Kessem write: In a recent analysis from IBM’s X-Force Incident Response and Intelligence Services (IRIS), our team discovered activity related to a new strain of ransomware known as “PXJ” ransomware. This malware is also known as “XVFXGW” ransomware. The name PXJ is derived from the file extension that is appended to…
ZA: Eskom’s IT systems still slow after data centre ‘incident’
ITWeb reports: Power utility Eskom’s IT systems are still slow after the parastatal suffered a data centre “incident” last week. The embattled power utility last week announced it had experienced an “incident” at its data centre, which saw the business implement business continuity plans to ensure minimal interruptions. In new a statement, the parastatal says it experienced…
Hungarian Supervisory Authority Issues Guidance on Data Protection and Coronavirus
Dan Cooper and Dora Pap of Covington & Burling write: On March 10, 2020, the Hungarian National Authority for Data Protection and Freedom of Information (“NAIH”) issued guidance on data protection and COVID-19. The NAIH highlights that controllers processing personal data in the context of their efforts to prevent the spread of COVID-19 must comply with the…