Alexander Martin reports: Australia became on Friday the first country in the world to require victims of ransomware attacks to declare to the government any extortion payments made on their behalf to cybercriminals. The law, initially proposed last year, only applies to organizations with an annual turnover greater than AUS $3 million ($1.93 million) alongside a smaller…
U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams
Brian Krebs reports: The U.S. government today imposed economic sanctions on Funnull Technology Inc., a Philippines-based company that provides computer infrastructure for hundreds of thousands of websites involved in virtual currency investment scams known as “pig butchering.” In January 2025, KrebsOnSecurity detailed how Funnull was being used as a content delivery network that catered to cybercriminals…
Victoria’s Secret takes down website after security incident
Sergiu Gatlan reported yesterday: Fashion giant Victoria’s Secret has taken down its website and some store services because of an ongoing security incident. Victoria’s Secret manages approximately 1,380 retail stores in nearly 70 countries and reported an annual revenue of $6.23 billion for the fiscal year ending February 1, 2025. The company says in a…
U.S. Government Employee Arrested for Attempting to Provide Classified Information to Foreign Government
Yet another reminder of the insider threat: a press release from the Department of Justice. Ironically, this insider worked for the Insider Threat Division of the Defense Intelligence Agency. An IT specialist employed by the Defense Intelligence Agency (DIA) was arrested today for attempting to transmit national defense information to an officer or agent of…
St. Cloud Provides Update on Ransomware Attack in 2024
A notice on St. Cloud, Florida’s website: May 29, 2025 – The City of St. Cloud, Florida (the “City”) is issuing updated notice of an event that may impact the security of information related to certain individuals. This notice supplements the notice previously posted on or website on or about May 24, 2024. What Happened? On or…
Bradford Health Systems detected abnormal network activity in December 2023. They first sent out breach notices this week.
Bradford Health Systems in Alabama has posted a security notice on its website this week about an incident affecting employee and patient data. It begins: On December 8, 2023, Bradford Health detected unusual activity within its network. Upon discovering this activity, it immediately initiated an investigation of the matter with the assistance of third-party cybersecurity…