Chris Keall reports: The Reserve Bank has suffered the ignominy of being the first organisation to be hit by a compliance notice under the new Privacy Act, which came into force in December last year. Privacy Commissioner John Edwards says an independent review carried out by KPMG after a December 2020 cyber attack “revealed multiple…
EU chief announces cybersecurity law for connected devices
Luca Bertuzzi reports: European Commission President Ursula von der Leyen announced on Wednesday (15 September) a Cyber Resilience Act aimed at setting common cybersecurity standards for connected devices. […] The Commission initiative adds to an existing proposal for a Directive on Security of Network and Information Systems, commonly known as the NIS2 Directive. NIS2 expands…
African Bank warns of data breach with personal details compromised
BusinessTech reports: African Bank has confirmed that one of its appointed professional debt recovery partners, Debt-IN, was targeted by cybercriminals in April 2021. At the time, expert security advice concluded that there was no evidence that the ransomware attack had resulted in a data breach – however, Debt-IN is now aware that the personal data…
In: Teen helps IRCTC fix bug that could expose passenger’s private information
DNA reports: A 17-year-old student in a private school in Chennai’s Tambaram has helped the Indian Railway Catering and Tourism Corporation (IRCTC) fix a bug in its online ticketing platform, which could have exposed millions of passengers and their private information. Ranganathan said that the critical Insecure Object Direct References (IODR) vulnerability on the website…
CISA, FBI, and NSA Release Joint Cybersecurity Advisory on Conti Ransomware
Alert (AA21-265A): Conti Ransomware The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have observed the increased use of Conti ransomware in more than 400 attacks on U.S. and international organizations. In typical Conti ransomware attacks, malicious cyber actors steal files, encrypt servers and workstations, and demand a ransom payment….
MN: Crystal Valley Computer Systems Infected By Ransomware Attack
Southern Minnesota News reports: Mankato-based Crystal Valley says a ransomware attack has infected their computer systems. The attack “severely interrupted” the daily operations, according to a company press release. Read more on SMN. The Crystal Valley Cooperative is a farm supply and grain marketing cooperative that serves Southern Minnesota and Northern Iowa, so this may…