Mathew J. Schwartz reports: If you’re a criminal, practicing good operational security would seem to preclude granting tell-all news media interviews. And yet we’ve seen a spate of attackers who wield ransomware – including MountLocker, LockBit, REvil and DarkMatter – sharing insights into their inclinations, motivations and tactics. One perhaps inadvertent takeaway from their interviews…
Australian Cyber Security Centre reports multiple victims of LockBit 2.0 ransomware
David Simmons reports: A ransomware attack called LockBit 2.0 has hit multiple organisations across various industry sectors according to the Australian Cyber Security Centre (ACSC), with the government body publishing a ‘medium’ alert for the cybercrime. […] Operators of the platform have appeared on Russian-language cybercrime forums since January 2020 according to ACSC, but the…
NY: Prosecutors push to sentence SUNY Plattsburgh hacker to four years in prison
Fernando Alba reports: Federal prosecutors are pushing to sentence SUNY Plattsburgh alumnus Nicholas Faber to up to four years in prison for hacking into students’ accounts and stealing explicit and compromising photos, according to court documents. Faber, 25, of Rochester, pleaded guilty to aggravated Identity theft and computer intrusion causing damage offenses in February, saying…
StarHub suffers data breach, but says no system was compromised
Eileen Yu reports: StarHub says personal data of its customers, including email addresses and mobile numbers, have been found on a dump site. The Singapore telco, however, insists none of its customer database or data systems have been breached. The data breach was discovered during a “proactive online surveillance” on July 6 by its cybersecurity…
SolarWinds urges US judge to toss out crap infosec sueball: We got pwned by actual Russia, give us a break
Gareth Corfield reports: SolarWinds is urging a US federal judge to throw out a lawsuit brought against it by aggrieved shareholders who say they were misled about its security posture in advance of the infamous Russian attack on the business. Insisting that it was “the victim of the most sophisticated cyberattack in history” in a…
AU: Optus under investigation for White Pages privacy breach
Tom Biggs reports: Regulators have opened an investigation into Optus for potential breaches of the Privacy Act, following an incident in which the telco accidentally sent off thousands of customers’ contact details to be published in the White Pages directory against their wishes. In October 2019 Optus contacted almost 50,000 customers to inform them of the privacy…