Quality assurance for malware developers? Ireland struggles with Conti ransomware; FBI warns of Conti in the US. | #government | #hacking | #cyberattack


Dateline Houston, Texas, to Linden, New Jersey: Colonial Pipeline’s ransomware incident.

Colonial Pipeline tries to determine how DarkSide breached its network while interest in prevention spikes (CBS58) Colonial Pipeline is still trying to narrow in on how its network was breached following a ransomware attack that resulted in the closing down of a critical pipeline that led to a massive gas run on the East Coast and sparke

The Colonial pipeline ransomware hackers had a secret weapon: self-promoting cybersecurity firms (MIT Technology Review) On January 11, antivirus company Bitdefender said it was “happy to announce” a startling breakthrough. It had found a flaw in the ransomware that a gang known as DarkSide was using to freeze computer networks of dozens of businesses in the US and Europe. Companies facing demands from DarkSide could download a free tool from…

The Colonial Pipeline attack should be a wake-up call for hardening our cyber defenses (TheHill) Deterrence happens only when an enemy is met with a strong defense and the real threat of counterattack.

‘Immediate, realistic and credible’: Security boss warns of risk of major cyber attack (ABC) One of Australia’s top national security figures warns the threat of a cyber attack that could take down critical infrastructure like the nation’s electricity network is “immediate” and “realistic”.

Personal View: The Colonial cyberattack should scare you (Crain’s Cleveland Business) ‘Here are a few things every executive, at every company, in every industry, should be asking themselves after a major ransomware attack crippled a critical fuel pipeline across a large swath of the United States,’ writes Kevin Benacci.

Attacks, Threats, and Vulnerabilities

FBI: Conti ransomware attacked 16 US healthcare, first responder orgs (BleepingComputer) The Federal Bureau of Investigation (FBI) says the Conti ransomware gang has attempted to breach the networks of over a dozen US healthcare and first responder organizations.

FBI: Conti ransomware gang attacked more than 400 orgs, including 911 centers (The Record by Recorded Future) The Conti ransomware gang has victimized more than 400 organizations worldwide, 290 of which were based in the United States, the Federal Bureau of Investigation said in a security alert it sent on Thursday.

Cyber gang behind Irish health system attack also hit more than a dozen US healthcare organisations (Computing) Conti group has attacked more than 400 entities worldwide including law enforcement agencies, municipalities, emergency medical services and 911 dispatch centres

BSI-Chef sieht Gefahr von Cyber-Angriffen auf Krankenhäuser (heise online) Der Präsident des Bundesamts für Sicherheit in der Informationstechnik (BSI) sorgt sich um die medizinische Infrastruktur in Deutschland.

German cyber security chief fears hackers could target hospitals (CNA) German hospitals may be at increased risk from hackers, the head of the country’s cyber security agency said on Saturday, following two …

Colombian Defense Minister accuses Russia of cyberattacks to stoke violence during protests and the Russian Embassy responds to him (Market Research Telecast) The Russian Embassy in Colombia “completely rejected” the statements of the Colombian Defense Minister, Diego Molano, who this week granted two interviews, in which he…

Colombia targeted by foreign trolls and 7,000+ fake SM accounts (The City Paper Bogotá) A disinformation campaign targeting Colombia’s pro-democracy supporters is being fueled by trolls and foreign click farms, claims recent study by Washington’s SFS.

Elon Musk and Tesla-related BTC giveaway scams are back in season… (HOTforSecurity) Threat actors are relentless when it comes to recycling old ruses to fool internet users and steal their money. While the ongoing pandemic and vaccination campaigns ushered in a new wave of creative scams, some malicious actors prefer to stick to… #bitcoinscams #BitdefenderAntispamLab #elonmusk

Tulsa Cybersecurity Attack Similar to Pipeline Attack (SecurityWeek) A cybersecurity attack on the city of Tulsa’s computer system was similar to an attack on the Colonial Pipeline and that the hacker is known.

Broker ‘Hacked By Group Linked To US Pipeline Attack’ (Law360) A British insurance broker said on Friday that it has been hacked by a group claiming links with the crime organization behind the ransomware cyberattack on Colonial Pipeline in the U.S.

Insurer One Call falls victim to ransomware attack from DarkSide gang (Computing) Gang is reportedly demanding £15 million from the company

This ransomware-spreading malware botnet just won’t go away (ZDNet) This longstanding botnet persists – and thrives – and is shifting to target victims across the globe.

This massive phishing campaign delivers password-stealing malware disguised as ransomware (ZDNet) Java-based STRRAT malware creates a backdoor into infected machines – but distracts victims by acting like ransomware.

QNAP confirms Qlocker ransomware used HBS backdoor account (BleepingComputer) QNAP is advising customers to update the HBS 3 disaster recovery app to block Qlocker ransomware attacks targeting their Internet-exposed Network Attached Storage (NAS) devices.

Lack of developer attention to cloud security prompts alerts (ComputerWeekly.com) The personal data of over 100 million Android users may have been put at risk through a variety of cloud service misconfigurations

ICS Vendors Assessing Impact of New OPC UA Vulnerabilities (SecurityWeek) Multiple ICS vendors are assessing the impact of a couple of new OPC UA vulnerabilities, and Germany’s Beckhoff is the first to release an advisory.

Harris says there is a ‘real risk’ patient data will leak tomorrow (Irish Examiner) Minister says it is vital people know that the state will never call asking for your bank details over the telephone or by email

What happens if the HSE cyberattack data is leaked? (Silicon Republic) Data stolen from the HSE cyberattack could start to appear online. Here’s what you need to know about why it matters and how to stay safe.

Cyberattack: No stone unturned in Government response, says Minister (The Irish Times) Stolen HSE data expected to be released online from Monday as ransom will not be paid

HSE hackers: A sinister journey into the heart of the dark web   (Independent) The journey to the dark side of the internet begins with a few clicks of the mouse and battery of armour to repel passing cyber nasties. You cross over through a dangerous portal — and on the other side a myriad of nightmarish rabbit holes await, beckoning visitors to burrow down into the maze.

Garda expect ‘avalanche’ of fraud claims following hacker data release (The Irish Times) Stolen data release would expose patients to many potential scams, senior officers warn

Some HSE IT systems returning as decryption tool tested (RTE.ie) The HSE has developed and tested a new version of the decryption tool and this is now being deployed across the core network.

NZ firm helps Irish health service recover from ransomware attack (Stuff) Emsisoft has also offered free help to Waikato DHB, though there may be less it can assist it with for now.

Cyber attack: When will the Irish health service get a resolution? (BBC News) It is more than a week since Ireland’s health service became the victim of a cyber attack.

Give me a crash course in… the Wizard Spider cyber attack (The Irish Times) The group of cybercriminals hacked the HSE, saying they will leak confidential patient data

New Zealand hospital faces second week of disruption after major cyber attack (the Guardian) It is not clear who carried out last week’s attack on Waikato hospital, which downed computers and phone lines

Air India data breach impacts 4.5 million customers (BleepingComputer) Air India disclosed a data breach after personal information belonging to roughly 4.5 million of its customers was leaked two months following the hack of Passenger Service System provider SITA in February 2021.

Air India discloses data of 4.5m passengers were stolen in SITA cyber attack (ZDNet) Air India passenger data, across a 10-year period, was stolen in the February cyber attack suffered by SITA.

Air India passenger data breach reveals SITA hack worse than first thought (TechCrunch) 4.5 million passenger customer records were taken in the incident.

Cyber-Attack on Air India Led to Data Leak of 4.5 Million Fliers (Bloomberg) The leak includes contact information, credit cards data. Air India has secured the compromised servers since the attack.

Cyber attack: Air India servers hacked, customers’ credit card details compromised (Times Now) The national carrier issued a statement informing its passengers that its SITA PSS server, which is responsible for storing and processing personal information of fliers, was subject to a cybersecurity attack.

Air India Reports Data Breach; 45 Lakh passengers’ Data Compromised (Inc42 Media) The Air India data breach involved personal data of users registered between 26th August 2011 and 3rd February 2021

Private schools complain of data security breach (The Hindu) Private schools have complained of a data security breach by officials with the Department of Primary and Secondary Education, while student information was fed into the Unified District Information S

Waikato DHB Cyber-attack Not Surprising (Scoop News) FintechNZ says the cyber-attack on the Waikato District Health Board is not surprising considering only six percent of Kiwi companies have adequate protection. On average, companies take about 197 days to identify and 69 days to contain a breach according …

The Adobe Spark “Request for Proposal” Scam (INKY) Beginning in January 2021, several INKY users began receiving emails with fake “requests for proposal” (RFPs). These supposed RFPs came from recipients’ legitimate contacts, but those accounts had been compromised by bad actors.

Bizarro banking malware targets 70 banks in Europe and South America (BleepingComputer) A banking trojan named Bizarro that originates from Brazil has crossed the borders and started to target customers of 70 banks in Europe and South America.

Pro-Palestinian activists target Facebook with 1-star app store reviews (NBC News) The coordinated campaign is meant to protest the company’s alleged censorship of Palestinian accounts and posts.

Cyberattacks: What food processors won’t talk about (Food Engineering) An issue food processors won’t talk about openly is whether they’ve been the victim of a cyberattack.

Sacramento officials warn of data breach on ParkMobile app (California News Times) The breach accessed some common account information, such as license plate numbers, email addresses, and phone numbers. Sacramento, CA — Sacramento Public Works Department Warn residents about data breaches ParkMobile Parking app from March 2021. A department official said the breach was caused by a vulnerability in the third-party software used in the ParkMobile app. …

Data breach exposes info on Adirondack patients (NNY360) The personal information of more than 800 patients of Adirondack Health may have…

Report: Multinational Logistics Company Exposed Customers’ in Data Breach (Website Planet) Company name and location: Bergen Logistics, located in the USA, Canada, Europe & Asia. Size: Less than 100 MB

Security Patches, Mitigations, and Software Updates

Microsoft is finally getting rid of its most-hated product (KAKE) The end is finally near for Internet Explorer, one of Microsoft’s most-reviled products that refused to die.

Stale sessions, ML poisoning among 2021’s top security threats (SearchSecurity) The closing panel discussion at RSA Conference 2021 discussed the threat of ML poisoning and long-lasting session cookies.

67% of Indian users see no harm in delaying a software update on their device: Report (Hinud Businessline) According to the analysis by Kaspersky, “installing updates is considered a routine boring task” by users

27% of Indian organisations suffered at least one data breach in the past year: Report (Hindu Businessline) It is mainly due to application vulnerability

Marketplace

Defying US sanctions, Russian cybersecurity firm aims for 2022 IPO (Reuters) Russian cybersecurity firm Positive Technologies is pressing ahead with plans for an initial public offering (IPO) next year, despite the imposition of U.S. sanctions in April that ban it from working with U.S. financial institutions.

42Crunch raises $17m in Series A to solve global API security threat (42Crunch) 42Crunch, the API security leader, today announces that it has secured $17 million in a Series A investment led by Energy Impact Partners, a leading global investment firm, joined by Adara Ventures.

Data Access Control Firm Immuta Raises $90 Million in Series D Funding (SecurityWeek) Cloud data access control solutions provider Immuta this week announced raising $90 million in Series D funding, which brings the total capital invested in the company to $169 million.

Healthcare IoT Cybersecurity Firm Cynerio Raises $30 Million (SecurityWeek) Healthcare IoT cybersecurity and asset management solutions provider Cynerio this week announced closing a $30 million Series B funding round

TruSTAR Acquisition Could Shake The Splunk Funk (Nasdaq) Two days ago, Splunk, Inc. (SPLK), a company whose software platform allows users to analyze large volumes of data in real time, announced its acquisition of TruSTAR, a cloud native intelligence management tool. Both companies offer data-centric programs.

Telos CEO talks massive growth on cloud demand, concern around cyberattacks (Washington Business Journal) The Ashburn company’s first quarter revenue grew by 43% from the prior year.

Insurers Set Limits On Risky Sectors Amid Cybercrime Spike (Law360) The mushrooming pace of cyberattacks has led many insurance providers to set coverage limits on sectors like health care and education that are known to be a common target for hacks, the U.S. Government Accountability Office has found.

RSA Conference 2021 – Summary of Vendor Announcements (SecurityWeek) The 2021 edition of the RSA Conference — a fully virtual event this year — took place May 17-20 and several companies used the opportunity to announce new products, services, initiatives, and other resources.

WSJ News Exclusive | Google Unit DeepMind Tried—and Failed—to Win AI Autonomy From Parent (Wall Street Journal) The artificial intelligence unit’s desire for an independent legal structure has been thwarted by its parent company.

CNA Paid $40 Million in Ransom After March Cyber Attack (Insurance Journal) CNA Financial Corp., among the largest insurance companies in the U.S., paid $40 million in late March to regain control of its network after a ransomware

Bitcoin Miners Are Giving New Life to Old Fossil-Fuel Power Plants (Wall Street Journal) The lofty prices of cryptocurrencies have investors sinking money into electricity generation, risking a backlash.

$ASS Coin Billionaire: Tales From the Fringe of the Crypto Craze (Bloomberg) Meet the thrill-seeking traders who are prowling for profits in the wildest corners of the market — all in search of the next big coin.

How an unemployed day-trader burned by both GameStop and dogecoin ended up owning 20 billion units of a cryptocurrency known as ASS coin (Business Insider) Day-trader Eric Hackney is a ‘thrill-seeking amateur, goaded on by social media,’ Bloomberg reported.

Security agencies and police beef up iPhone-cracking contracts (The Telegraph) Cellebrite helps governments spill citizens’ smartphone secrets when Apple, Google and Facebook will not

Meet the man behind controversial iPhone-cracking company Cellebrite (The Telegraph) The digital forensics company beloved by British police is coming out of the shadows as it prepares to go public

Resilience Cyber Insurance Solutions makes seven key hires (Insurance Business) Moves strengthen the company’s operations across underwriting, data science and more

HackerOne hires new leaders to drive the product roadmap (Help Net Security) HackerOne announced that it is doubling down on its investment in innovation with the hiring of new leaders to drive the product roadmap.

Products, Services, and Solutions

WatchGuard Delivers Endpoint Security for Qualcomm Snapdragon 5G PCs (AiThority) WatchGuard Technologies, a global leader in network security and intelligence, multi-factor authentication, advanced endpoint protection, and secure Wi-Fi

FireEye Mandiant Introduces Cyber Risk Management Services (MSSP Alert) FireEye Mandiant offers Cyber Risk Management Services. Customers gain threat intelligence to optimize their security programs.

Human error is still one of the most common causes of cyber-attacks – Nixu strengthens its security awareness services (News Powered by Cision) Nixu Corporation, Press release May 24, 2021 at 8.30 AM EEST
European cybersecurity company Nixu

Aqua Security Experts Tapped by MITRE ATT&CK® to Contribute to New Container Framework  (Aqua) Aqua’s Team Nautilus researchers were tapped by the MITRE ATT&CK team to contribute to the development of the new Container Framework.

ThetaRay’s New SONAR Solution Unleashes $25 Trillion Cross-Border Payments Sector by Eliminating Money Laundering Risk (PR Newswire) ThetaRay, a leading provider of AI-based Big Data analytics, today launched SONAR, the industry’s most advanced financial crime prevention…

Ermetic Partners with Identity Defined Security Alliance to Raise Awareness for Cloud Infrastructure Entitlement Management (BusinessWire) Cloud infrastructure entitlement management is becoming an urgent concern as companies move more and more sensitive workloads to AWS, Azure and Google

Technologies, Techniques, and Standards

Cybersecurity is Now Essential to Corporate Strategy. Here’s How to Bring the Two Together. (mySA) When Covid-19 forced the rapid transition to a remote workforce, it permanently shifted…

Misconfigurations are the Biggest Threat to Cloud Security: Here’s What to Do (Infosecurity Magazine) Four ways to protect against cloud security misconfigurations, the biggest threat to cloud security

AWS IAM security (AT&T Business) AWS Policies are a key foundation in good cloud security, but they are often overlooked. In this blog, we take a quick look on some AWS Policies, particularly for Identity and Access Management (IAM), that could become problematic if not properly managed. We’ll discuss how they can be used against us to generate attacks like: Ransomware, data exfiltration, credential abuse, and more. Finally, we’ll suggest some Open Source tools for cloud policy assessment an

How can banks mitigate the risks of poor cyber hygiene practices? (Information Age) Michael Magrath, director, global regulations and standards, OneSpan, discusses how banks can mitigate the risks of poor cyber hygiene

Design and Innovation

Leaked Emails Show Crime App Citizen Is Testing On-Demand Security Force (Vice) Citizen would deploy private security forces at the request of app users, according to documents and sources.

Hardening AI: Is machine learning the next infosec imperative? (ITProPortal) Technology analyst discusses the significance of securing machine leaning and the innovation still to come.

Academia

Universities offer rich pickings for cyber criminals (Australian Financial Review) Three universities have been hit by cyber attacks this year. Are they just really lax at security or are there other factors at play?

UCSC students seek more protection after data breach (Santa Cruz Sentinel) The UC system was one of more than 100 organizations to experience the attack in December.

Legislation, Policy, and Regulation

Belgium approves new cyber strategy with emphasis on essential institutions (The Record by Recorded Future) Roughly two weeks after Belgium’s parliament, universities, and scientific institutions were hit by a cyberattack, the country’s National Security Council approved a new cybersecurity strategy that aims to overhaul its digital defenses.

The UK’s Approach to Russian Cyber Operations Shows No Signs of Changing (RUSI) The UK’s limited response to the SolarWinds campaign emphasises the importance of domestic political pressure in cyber policy., The White House has continued its response to what has become widely known as the ‘SolarWinds hack’ with an Executive Order primarily aimed at improving the cyber security of the US public sector. This followed last month’s formal attribution of a wide-ranging cyber espionage campaign against high-value businesses and government agencies in the US and other countries to Russia’s Foreign Intelligence Service (SVR).

How Australia came to ban Huawei (Light Reading) Australian cybersecurity experts spent eight months trying to find a way to secure Huawei equipment but concluded they could not prevent it being shut down on Beijing’s orders, according to revelations in a new book.

The equities of telco cyber exploitation: 5G and the Huawei ban (ORF) The Indian government has commenced the trials of 5G technology, but the Chinese company Huawei is notably absent from the list of approved vendors.

India’s decision on Huawei, ZTE may have been shaped by “espionage acts” globally (The Economic Times) American cybersecurity firm Mandiant has said that Beijing has engaged in extensive cyber espionage against both friends and adversaries based on fibre optic communications infrastructure.

US-China tech fight opens new front in Ethiopia (mint) A U.S.-backed consortium beat a Chinese-backed one for a multibillion-dollar contract to build Ethiopia’s 5G-capable network

Sweden warned not to fall into US ‘trap’ to ban Chinese firms (Global Times) As a Sweden court is weighing a decision that could decide Huawei’s fate in the country, Chinese analysts warned that Sweden – along with other European countries – should be aware that a Huawei ban at the behest of the US may hurt their own companies and dampen their roles in the 5G sector.

Apple is ‘a pawn in China’s malfeasance,’ say four members of Congress (9to5Mac) Four members of Congress have accused Apple of being “a pawn in China’s malfeasance” in putting the privacy of customer data at risk in the country. They have urged Apple to reassess its business practices in the country, and its relationship with the Chinese government … An open letter to Apple CEO Tim Cook (shown […]

NSA outlines its information-sharing duties under Biden cyber EO (InsideDefense.com) The National Security Agency is taking up its mandate to establish capabilities for robust information sharing between industry and government as part of the Biden executive order designed to bolster the security of federal networks and strengthen relationships with industry.

Biden orders Software Bill of Materials to boost cybersecurity. AdvaMed wants uniform standards. (MedTech Dive) An executive order calls for an electronically readable format to provide an inventory of third-party components in devices. The medtech lobby backs the SBOM concept but says standardization is critical.  

Unfunded mandates in the cyber EO? (FCW) New marching orders for agencies and technology vendors in the Biden administration’s new cybersecurity policy need to be supported in the budget, industry reps say.

Biden’s plan for cyber is a day late and a dollar short (TheHill) The Colonial Pipeline ransomware attack was only the latest in a long string of cyberattacks that prove just how vulnerable we are as a nation.

US Chamber Asks Government To Get More Involved In Ransomware Defense (Nextgov) The Chamber of Commerce offered six steps the federal government can take to help American businesses defend against and respond to ransomware cyberattacks.

Polling Backs Need for More Federal Cybersecurity Investments, Threat Sharing (MeriTalk) Following a string of high-profile cyber attacks against private sector and government organizations over the past several months, more than half of Americans surveyed by The Harris Poll believe further cybersecurity investments are essential to combat the threat, and that the Federal government, the military, and the private sector should share cyber threat and attack data to help in the fight.

Shaheen, Hassan Introduce Legislation to Protect America’s Small Businesses From Cybersecurity Threats | U.S. Senator Jeanne Shaheen of New Hampshire (Jeanne Shaheen, US Senator from New Hampshire) The Official U.S. Senate website of Senator Jeanne Shaheen of New Hampshire

Securing the cyber advantage: U.S. Cyber Command celebrates its 11th year (U.S. Cyber Command) Securing the cyber advantage: U.S. Cyber Command celebrates its 11th year

Why Cryptocurrency Is Crazy—Like a Fox (Foreign Policy) Bitcoin’s already ageing out, and central banks may lose in the race against whatever comes next.

Lessons In Civility From The Alex Oh Sanctions Controversy (Law360) Alex Oh’s abrupt departure from the U.S. Securities and Exchange Commission and admonishment by a D.C. federal judge over conduct in an Exxon human rights case demonstrate three major costs of incivility to lawyers, and highlight the importance of teaching civility in law school, says David Grenardo at St. Mary’s University.

Pa. Senate Holding Hearing Over COVID-19 Contract Tracing Data Breach (CBS Local Pittsburgh) Pennsylvania’s State Senate is taking action today, even though the state has already canceled a contract with a third-party vendor who’s responsible for a data breach of health records for 72,000 people in Pennsylvania.

Litigation, Investigation, and Law Enforcement

Indonesian government bans hacker forum after leak, in talks over data protection bill | KrASIA (KrASIA) As several major data leaks lead to calls for urgent action, lawmakers debate the details of a data protection bill.

Chinese governments has warned 222 apps to remove data slurping code (The Record by Recorded Future) Three weeks after a data privacy protection law has entered into effect in China, the Beijing government has begun warning mobile app developers to remove intrusive data slurping code that collects unnecessary user information beyond an application’s primary scope.

Squeeze on Bitcoin: China Province Sets Up Hotline to Tattle on Crypto Miners (Crowdfund Insider) Multiple reports are indicating that China continues to put the squeeze on cryptocurrency. Long ago, China officially halted crypto trading but the country has long been home to many crypto miners. In fact, according to the Cambridge Centre of Alternative Finance (CCAF)Bitcoin Mining Map, China

Veterans Affairs says no evidence of data loss from SolarWinds hack (Federal News Network) VA’s top cybersecurity official said that audits show no indications the Solarwinds vulnerability was used for malicious activity on department’s networks.

Tim Cook plays innocent in Epic v Apple’s culminating testimony (TechCrunch) Apple CEO Tim Cook took his first turn in the witness chair this morning in what is probably the most anticipated testimony of the Epic v. Apple antitrust case. But rather than a fiery condemnation of Epic’s shenanigans and allegations, Cook offered a mild, carefully tended ignorance that lef…

Epic-Apple’s ‘Super Bowl Of Antitrust’ Trial May Be Watershed (Law360) As Epic Games Inc.’s high-stakes antitrust bench trial against Apple Inc. nears its end, experts told Law360 that an Epic win could mark a shift in antitrust law in favor of plaintiffs suing technology giants, while potentially opening the door for a “Wild West” in smartphone security.

FBI analyst took documents on bin Laden and al Qaeda and kept them for years, feds say. She’s now been charged. (Washington Post) An FBI intelligence analyst has been indicted for stealing a trove of secret national security documents and storing them at her home for more than a decade, Missouri federal prosecutors said Friday.

FBI analyst took documents on bin Laden and al-Qaida, kept them for years, feds say. She’s now been charged. (Anchorage Daily News) Kendra Kingsbury is accused of taking materials that described intelligence sources and methods, cyber threats and other highly sensitive matters.

‘Astonishing’: FBI analyst charged with removing classified documents for over a decade (USA TODAY) Kendra Kingsbury of the FBI’s Kansas City division allegedly took classified documents, including some related to al-Qaeda, and kept it at home.

FBI Employee Indicted for Illegally Removing National Security Documents, Taking Material to Her Home (US Department of Justice) An employee of the FBI’s Kansas City Division has been indicted by a federal grand jury for illegally removing numerous national security documents that were found in her home.

Arizona Election Audit to Resume Amid GOP Infighting (Wall Street Journal) The Republican-majority Maricopa County board says the audit ordered by Senate leaders is a mismanaged “spectacle,” while supporters say the audit will address election questions.

Analysis | The Cybersecurity 202: Maricopa County is showing how not to audit an election (Washington Post) Arizona’s top election official is urging the county to discard audited voting machines over security concerns.

Amex Fined After Sending Over Four Million Spam Emails (Infosecurity Magazine) Amex Fined After Sending Over Four Million Spam Emails. ICO claims customers did not consent to receiving marketing messages

Maryland Man Pleads Guilty to Financial Scams Using Online Dating Sites (U.S. Attorney’s Office Eastern District of Virginia) A Leonardtown, Maryland man pleaded guilty today to mail fraud in connection with an online dating site romance scam.

US water filter supplier pays $200,000 to settle credit card data leak lawsuit (The Daily Swig) Filters Fast agrees to pay New York Attorney General

Home Depot Online Shoppers Bring Florida Wiretap Suit (Law360) A group of online Home Depot customers in Florida has accused the retailer of illegally intercepting their communications with marketing analytics software they call a “wiretapping device.”

Growing mystery of suspected energy attacks draws US concern (The Independent) The Biden administration faces increasing pressure to respond to a sharply growing number of reported injuries suffered by diplomats, intelligence officers and military personnel that some suspect are caused by devices that emit waves of energy that disrupt brain function



Original Source link

Leave a Reply

Your email address will not be published.

eighty nine − = 82