The Office of Inadequate Security
In March 2024, LockBit3.0 added Redwood Coast Regional Center (RCRC) to its leak site. On May 3, RCRC notified HHS of the March 6 incident, reporting that 500 patients had been affected. RCRC only recently updated that report to indicate that 24,937 patients were affected. On or about November 5, they began mailing out letters…
A recent article on the cybersecurity risks posed by mergers and acquisitions begins: When companies merge, it creates significant cybersecurity challenges in two main ways: firstly, challenges arise in integrating disparate security infrastructures, and secondly, an M&A transaction brings together diverse organizational cultures which presents its own challenges from a cyber perspective. Yet the limited…
Bill Toulas reports: The Federal Ministry of Justice in Germany has drafted a law to provide legal protection to security researchers who discover and responsibly report security vulnerabilities to vendors. When security research is conducted within the specified boundaries, those responsible will be excluded from criminal liability and the risk of prosecution. “Those who want…
While many of us were waking up to the election results yesterday, at least one person was busy trying to extort AT&T using the president-elect and current vice president’s call logs. In their post, “kiberphant0m” posted this demand concerning AT&T call logs: TRUMP & Vice President of the United States CALL LOGS — OFFICIAL WARNING…
Michael Kan reports: Have I Been Pwned has long been one of the most useful ways to learn if your personal information was exposed in a hack. But a new site offers its own powerful tool to help you check if your data has been leaked to cybercriminals. DataBreach.com is the work of a New Jersey company…
From an INTERPOL announcement yessterday: A global INTERPOL operation has taken down more than 22,000 malicious IP addresses or servers linked to cyber threats. Operation Synergia II (1 April – 31 August 2024) specifically targeted phishing, ransomware and information stealers and was a joint effort from INTERPOL, private sector partners and law enforcement agencies from…