Bill Toulas reports: LockBit ransomware affiliates are using an interesting trick to get people into infecting their devices by disguising their malware as copyright claims. The recipients of these emails are warned about a copyright violation, allegedly having used media files without the creator’s license. These emails demand that the recipient remove the infringing content…
Queensland moves on data breach notification scheme
Joseph Brookes reports: The Queensland state government is considering a mandatory data breach notification scheme among several privacy and information sharing reforms in the works. The scheme would force agencies to report data breaches to the regulator and affected individuals in what would be a first for a state or territory government. Currently, Queensland agencies are…
Unsurprisingly, hacktivists protest the overturn of a woman’s right to her own body
The announcement appeared on the Telegram channel of a group calling themself “SiegedSec:” TIME FOR SOME 1337 H4CKTIVISM!!! (4 the record, we will still do blackhat stuff 😉 Like many, we are also pro-choice, one shouldn’t be denied access to abortion. As added pressure to the U.S government, we have leaked many internal documents and…
Expensive week for Carnival Corp: a $1.25 million settlement with states over one breach, then a $5 million settlement with New York for violating state cybersecurity regulation
It seems this was the week for following up on Carnival Corporation breaches. Earlier this week, state attorneys general announced a $1.25 million multistate settlement with the cruise line over a 2019 data breach first disclosed in 2020. But there was other news concerning the cruise line this week, too. On Friday, the New York…
Everything old is new again? Ransomware groups stop encrypting and switch to theft/extortion model.
In a new post at The Register, Jessica Lyons Hardcastle reports, in part: ….. Increasingly, however, cybercrime rings still tracked as ransomware operators are turning toward primarily data theft and extortion – and skipping the encryption step altogether. Rather than scramble files and demand payment for the decryption keys, and all the faff in between…
New York State School District Audits Released in June
New York State Comptroller DiNapoli released more school district audits in June. As always, some of the audits do not reveal all the concerns or recommendations. Some concerns or recommendations are shared with districts confidentially for security reasons. Here are summaries of audits of school districts released in June that relate to school district IT:…