British Library’s candid ransomware comms driven by ‘emotional intelligence’

Connor Jones reports: Emotional intelligence was at the heart of the British Library’s widely hailed response to its October ransomware attack, according to CEO Roly Keating. The British Library’s (BL) ransomware attack last year was one of…

Telemarketing: the Privacy Guarantor sanctions Enel Energia. The company had not protected its databases from access by abusive brokers

Seen at GPDP: The Privacy Guarantor has imposed a fine of over 79 million euros on Enel Energia for serious shortcoming…

‘Got that boomer!’: How cybercriminals steal one-time passcodes for SIM swap attacks and raiding bank accounts

Here’s your “definitely want to read this one today” piece. Zack Whittaker reports: The incoming phone call flashes on a victim’s phone. It may only last a few seconds, but can end with the victim handing over codes that give cybercri…

Guardant notifies patients of unintended information exposure going back to October 2020

A notification by Guardant Health, Inc. in California (“Guardant”) caught DataBreaches’ eye yesterday. Guardant is a laboratory that performs cancer screening tests on samples received from its physician and hospital partners. Patient information…

Fred Hutch notifies more patients of November 2023 attack

In December 2023, UW’s Fred Hutchinson Cancer Center (“Fred Hutch”) reported a November cyberattack that involved the exfiltration of patient data and attempted extortion of patients. DataBreaches contacted Fred Hutch on December 8 t…

CISA’s KEV catalog making a positive difference to defenders

Jonathan Greig reports that a CISA resource is having a positive effect both at a federal level and for non-governmental organizations: The Cybersecurity and Infrastructure Security Agency (CISA) has run its Known Exploited Vulnerabilities (KEV)…

Former Cybersecurity Consultant Arrested For $1.5 Million Extortion Scheme Against IT Company

For those who would like a timely reminder about making sure you terminate access and take control of devices immediately when an employee or contractor terminates employment, consider this press release from the Southern District of New York on May 1…

Russian Hackers Target Industrial Systems in North America, Europe

Eduard Kovacs reports: Government agencies from the United States, Canada and the United Kingdom are providing recommendations to critical infrastructure organizations following a series of attacks launched by apparent pro-Russia hacktivists against in…