ACY Securities describes itself as one of Australia’s fastest growing multi-asset online CFD trading providers. But as first reported by HackRead, the trading firm was leaking 60 GB of user data until independent researcher Anurag Sen persisted in trying to alert them to a misconfigured elasticsearch database. As seen by Hackread, the data included personally…
Novartis says no sensitive data was compromised in cyberattack
Lawrence Abrams reports: Pharmaceutical giant Novartis says no sensitive data was compromised in a recent cyberattack by the Industrial Spy data-extortion gang. Industrial Spy is a hacking group that runs an extortion marketplace where they sell data stolen from compromised organizations. Yesterday, the hacking group began selling data allegedly stolen from Novartis on their Tor…
What Counts as “Good Faith Security Research?”
Brian Krebs writes: The U.S. Department of Justice (DOJ) recently revised its policy on charging violations of the Computer Fraud and Abuse Act (CFAA), a 1986 law that remains the primary statute by which federal prosecutors pursue cybercrime cases. The new guidelines state that prosecutors should avoid charging security researchers who operate in “good faith” when finding and reporting…
Pysa shuttered its leak site before it ever dumped data from more than half a dozen schools. Here’s what we know so far.
The education sector has always been a relatively easy target for cybercriminals. One group in particular — Pysa — earned a reputation for its ransomware attacks on schools. Despite analyses and alerts in March, 2021 by threat intel firms and the U.S. government indicating that Pysa was a major threat to the education sector in…
Thailand’s Personal Data Protection Act Enters into Force
Hunton Andrews Kurth writes: On June 1, 2022, Thailand’s Personal Data Protection Act (“PDPA”) entered into force after three years of delays. The PDPA, originally enacted in May 2019, provides for a one-year grace period, with the main operative provisions of the law originally set to come into force in 2020. Due to the COVID-19 pandemic,…
US General Says American Hackers Conducted Offensive Operations To Support Ukraine: Report
Anwesha Majumdar reports: As the ravaging Russia-Ukraine war has reached its 99th day, the chief of the United States’ Cyber Command, General Paul Nakasone, claimed that ‘offensive operation’ in support of war-torn Ukraine have been carried out by US military hackers. During an exclusive interview with Sky News, General Nakasone detailed how the separate “hunt forward” operations allowed…