Fikayo Olowolagba reports: The National Population Commission (NPC) Badagry office located at Town Hall near Topo Garage, in Lagos State has been attacked by robbers. A staff member of the commission, Mrs Funmilayo Bojrenu told the News Agency of Nigeria (NAN) in Badagry that vital documents belonging to NPC were stolen. Read more at Daily…
UK: Two More Nails in the Coffin for Opportunistic Data Breach Claims
Victoria Leigh of Squire Patton Boggs writes: Following on from a string of cases in 2021 concerning minor data breaches (see our earlier article here), two further cases in Q1 of 2022 have continued the trend of High Court scepticism. Such compensation claims, usually involving multiple causes of action, often find themselves trimmed down and sent…
Israeli Ministry Illegally Shared Biometric Images of Millions With Unknown Agency
Josh Breiner and Bar Peleg report: The Population and Immigration Authority illegally shared in the past seven years the facial images of millions of Israelis with an unnamed government agency. The actions of the Interior Ministry division were disclosed in an official report published last week by Roy Friedman, the head of the Israel National…
Bayonne Police Sergeant Charged With Unauthorized Use of Law Enforcement Database
Statement by the Hudson County Prosecutor’s Office: Hudson County Prosecutor Esther Suarez has released the following information: On Tuesday, May 24, 2022, a Bayonne Police Sergeant was arrested on a computer crime charge involving the unauthorized use of a law enforcement database. Richard Killmer, 33, is charged with one count of Computer Theft in violation…
Fake Windows exploits target infosec community with Cobalt Strike
Lawrence Abrams reports: A threat actor targeted security researchers with fake Windows proof-of-concept exploits that infected devices with the Cobalt Strike backdoor. Whoever is behind these attacks took advantage of recently patched Windows remote code execution vulnerabilities tracked as CVE-2022-24500 and CVE-2022-26809. Read more at BleepingComputer.
Open source packages with millions of installs hacked to harvest AWS credentials
ITPro reports: Software developers and cyber security experts have discovered a new software supply chain hack that is attempting to harvest Amazon Web Services (AWS) cloud credentials. The compromise of two popular open-source packages – Python’s eight-year-old CTX and PHP’s phpass – has led to developers scrambling to understand their exposure to the threat. A combined 3 million users…