The Office of Inadequate Security
From a Joint Cybersecurity Advisory summary: The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) are responsible for computer network operations against global targets for the purposes…
Susan Morse reports: The Centers for Medicare and Medicaid Services and Wisconsin Physicians Service Insurance Corporation are mailing written notifications to 946,801 people whose protected health information or other personally identifiable information may have been compromised in a cyber breach. A security vulnerability was found in MOVEit software, a third-party application used in the transfer…
Today’s reminder of the need to control and regularly audit employee access to personal information comes to us from Erin Maguire in Scotland: A FORMER member of Police Scotland staff is due to stand trial after she denied 44 charges of illegally accessing the personal data of dozens of people over a period spanning four…
Novaya Gazeta Europe reports: One of Russia’s most prominent pro-democracy organisations, the Free Russia Foundation, announced that it was investigating a potential cyberattack on Friday, following a leak of thousands of emails and documents related to its work. On Thursday, Telegram channel SOTA reported that “more than 2,500 email chains and more than 13GB of…
Tampa, Florida – United States Attorney Roger B. Handberg announces the return of an indictment charging Alex Khodyrev (35, Kazakhstan) and Pavel Kublitskii (37, Russia) with conspiracy to commit access device fraud and conspiracy to commit wire fraud. If convicted on all counts, each faces a maximum penalty of 20 years in federal prison. The…
For your “no need to hack when it’s leaking” files: Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to vpnMentor about a non-password-protected database that contained thousands of records belonging to Confidant Health — an AI-powered platform offering mental health and addiction treatment. The database contained patient PII, psychosocial assessments including details about mental health or substance abuse,…