In April, DataBreaches.net reported a chat with DarkSide threat actors. As part of that report, this site noted that Guess, the well-known clothing and accessories retailer, had been attacked in February and listed on the DarkSide threat actor’s dedicated leak site. DataBreaches.net had looked at the proof of claim that DarkSide had posted and described…
China’s Shenzhen City Enacted Regional Data Regulation
Manuel Torres and Zhang, Dun of Garrigues write: Shenzhen, the leading financial and production center for China and home of many Chinese internet and tech giants such as Huawei, Tencent and DJI, enacted its regional data protection law, ‘Data Regulation of the Shenzhen Special Economic Zone’ (Shenzhen Data Regulation) on June 29, 2021. Shenzhen Data…
HHS warns entities; patients file potential class action lawsuit over PACS breach
HHS recently issued an alert about a known vulnerability allowing access to some picture archiving communications systems (PACS). The vulnerability had been reported two years ago, and again months later, and there had been updated alerts since then. HHS is advising entities to address this as a priority now if they have not done so…
Malware abuses OBS live-streaming software to record victims’ screens
Catalin Cimpanu reports: Security researchers have uncovered a new malware strain that uses the popular OBS Studio live-streaming app to record and broadcast the screen of its victims to attackers. Named BIOPASS, this malware is a remote access trojan (RAT) coded in Python that was spotted in recent attacks targeting online gambling companies in China. Discovered…
Ten Long Island Residents Charged in Nationwide Identity Fraud Scheme
From the Law Firm Newswire: Thirteen people and three corporations were charged on a 108-count indictment in relation to a nationwide synthetic identity fraud scheme that netted over $1 million from financial institutions. Authorities believe the defendants also amassed a credit limit of hundreds of millions of dollars across the United States. The scam’s alleged…
AU: Cyber-attackers partially knockout Australian education department, while unrelated leak impacts Blackboard Collab users
While New South Wales’ new COVID outbreak is causing problems, it has other problems as well. On July 9, GRC World Forums reported: The New South Wales (NSW) department of education in Australia has deactivated some internal systems after becoming the victim of a cyber-attack. The timing has created considerable challenges for staff as they…