Katrina Manson reports: The Biden administration is set to release an aggressive new national cybersecurity strategy on Thursday that seeks to shift the blame from companies that get hacked to software manufacturers and device makers, putting it on a potential collision course with big technology companies. The 35-page strategy, shared in advance with a group…
CISA Advisory: Royal Ransomware
Release Date: March 02, 2023 Alert Code: AA23-061A SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations…
Minneapolis Public Schools systems restored, no ransom paid
Jeremiah Jacobsen has an update to the “encryption event” previously disclosed by Minneapolis Public Schools (MPS). [Note: MPS’s phrase “encryption event” appeared to be a ridiculous — and dare we say, sleazy– attempt not to call it a “ransomware attack.” The district still has not described it as ransomware attack.] Minneapolis Public Schools released a…
Za: Businessman convicted of Experian data breach skips sentencing, court issues warrant for his arrest
Jeanette Chabalala reports: A man who was convicted of fraudulently obtaining the personal data of millions of South Africans is a wanted man after he skipped his sentencing. Karabo Phungula failed to appear in the Specialised Commercial Crimes Court, sitting in the Palm Ridge Magistrate’s Court, for his sentencing on Wednesday. It was the second…
Nearly 800 people affected by possible data breach during College of the Desert malware attack last summer
KESQ has an update on a malware attack on College of the Desert last year: College of the Desert has begun alerting the approximately 800 people who may be affected by a possible data breach during a malware attack last summer. The malware attack occurred in early July. The attack took down the school’s phone…
HHS OCR creates new HIPAA enforcement arm and enhances focus on cybersecurity and privacy oversight
Marcy Wilder, Scott Loughlin, Melissa Bianchi, Paul Otto, and Alyssa Golay of Hogan Lovells write: This week the U.S. Department of Health and Human Services, the agency responsible for HIPAA enforcement, announced the formation of three new divisions within the Office for Civil Rights (“OCR”). The new divisions – Enforcement, Policy, and Strategic Planning –…