A former Acting Inspector General for the U.S. Department of Homeland Security, Office of Inspector General (DHS-OIG) pleaded guilty today to federal charges stemming from the theft of proprietary software and sensitive databases from the U.S. government. According to court documents, Charles K. Edwards, 61, of Sandy Spring, Maryland, executed a scheme to steal confidential…
FSB arrests REvil ransomware gang members
Catalin Cimpanu reports: The Russian Federal Security Service (FSB) said today that it has raided and shut down the operations of the REvil ransomware gang. Raids were conducted today at 25 residents owned by 14 members suspected to be part of the REvil team across Moscow, St. Petersburg, Leningrad, and the Lipetsk regions. Authorities said…
Cyberattack Hits Ukrainian Websites as Russia Tensions Mount
Alberto Nardelli, Vladimir Kuznetsov and Kateryna Choursina report: Ukraine’s worst cyberattack in four years brought down the websites of scores of government agencies for hours. Authorities didn’t immediately identify the source of the hacks, which took place as tensions with Russia intensified over its troop buildup across the border. Seventy government agencies were hit, including…
Accellion reaches $8.1 mln settlement to resolve data breach litigation
Sara Merken reports: Accellion Inc has reached an $8.1 million deal with a proposed nationwide class to end litigation over a breach of its legacy file transfer product, a platform that allowed companies to securely share large or sensitive files, according to settlement papers filed in California federal court. The Palo Alto-based tech company faced…
Microsoft Defender weakness lets hackers bypass malware detection
Ionut Ilascu reports: Threat actors can take advantage of a weakness that affects Microsoft Defender antivirus on Windows to learn locations excluded from scanning and plant malware there. The issue has persisted for at least eight years, according to some users, and affects Windows 10 21H1 and Windows 10 21H2. Read more at BleepingComputer.
Breach of the Protection and Accountability Obligations by Nature Society (Singapore) 14 Jan 2022
A financial penalty of $14,000 was imposed on Nature Society (Singapore) for breaches of the PDPA. First, the organisation failed to put in place reasonable measures to protect personal data on its website database. Second, it did not appoint a data protection officer. Lastly, it did not have written policies and practices necessary to comply…