Lorenzo Franceschi-Bicchierai reports: Hackers breached a website that allows people to buy and sell guns, exposing the identities of its users, TechCrunch has learned. The breach exposed reams of sensitive personal data for more than 550,000 users, including customers’ full names, home addresses, email addresses, plaintext passwords and telephone numbers. Also, the stolen data allegedly…
Cyber Plan Would Hold Software Makers Responsible in Hacks
Katrina Manson reports: The Biden administration is set to release an aggressive new national cybersecurity strategy on Thursday that seeks to shift the blame from companies that get hacked to software manufacturers and device makers, putting it on a potential collision course with big technology companies. The 35-page strategy, shared in advance with a group…
CISA Advisory: Royal Ransomware
Release Date: March 02, 2023 Alert Code: AA23-061A SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations…
Minneapolis Public Schools systems restored, no ransom paid
Jeremiah Jacobsen has an update to the “encryption event” previously disclosed by Minneapolis Public Schools (MPS). [Note: MPS’s phrase “encryption event” appeared to be a ridiculous — and dare we say, sleazy– attempt not to call it a “ransomware attack.” The district still has not described it as ransomware attack.] Minneapolis Public Schools released a…
Za: Businessman convicted of Experian data breach skips sentencing, court issues warrant for his arrest
Jeanette Chabalala reports: A man who was convicted of fraudulently obtaining the personal data of millions of South Africans is a wanted man after he skipped his sentencing. Karabo Phungula failed to appear in the Specialised Commercial Crimes Court, sitting in the Palm Ridge Magistrate’s Court, for his sentencing on Wednesday. It was the second…
Nearly 800 people affected by possible data breach during College of the Desert malware attack last summer
KESQ has an update on a malware attack on College of the Desert last year: College of the Desert has begun alerting the approximately 800 people who may be affected by a possible data breach during a malware attack last summer. The malware attack occurred in early July. The attack took down the school’s phone…