Blog
Canadian Government Employees May Have Had Sensitive Information Exposed in Large Third Party Data Breach
Hundreds of thousands of Canadian government employees may have had sensitive personal and financial information exposed in a recent third party data breach.
Critical Infrastructure a Central Focus of CISA’s New Roadmap to AI Cybersecurity
CISA’s AI cybersecurity roadmap helps to clarify the concrete steps that federal agencies plan to take in the coming months. Critical infrastructure defense seems to be very high on the priority list, if not the #1 item.
Ransomware Gang Files SEC Complaint Against Victim for Failure to Report Data Breach
ALPHV/BlackCat ransomware gang is adopting a new pressure tactic by filing a SEC complaint against lending software outfit MeridianLink for failure to report an early November data breach.
Extensive Cyber Attacks on Denmark’s Energy Infrastructure Cyber Reveals Disturbing Trend of Patching Failures
SektorCERT recently issued a report on a wave of cyber attacks in May that targeted (and compromised a good deal of) the country’s energy infrastructure. A total of 22 organizations were compromised by cyber attacks in this campaign targeting vulnerable Zyxel firewalls.
More Critical Infrastructure Disrupted by a “Cyber Incident” as Australian Port Operations Are Snarled
The shutdown of port operations in Australia due to a cyber incident lasted roughly three days, during which time about 30,000 cargo containers that were scheduled to unload were backed up.
134 Clients Had Files Accessed in Okta Security Breach, 5 Experienced Follow-on Breaches
With 134 customers impacted and just five reporting attacks, the total impact of the Okta security breach appears to have been minimal. However, it has also added to an ongoing string of incidents for the company.
Largest Banks in the World Not Immune to Ransomware Attacks as ICBC US Faces Disruptions
A recent ransomware attack on Industrial & Commercial Bank of China Ltd. (ICBC) demonstrates that cyber criminals are not entirely ignoring major Chinese businesses, and that the largest banks in the world can still fall victim to them.
Another Digital Casino Heist? Singapore’s Marina Bay Sands Data Breach Involves Over Half a Million Customer Records
Singapore’s Marina Bay Sands is the latest casino-hotel complex to suffer a major data breach, and like the recent Vegas incidents it involves stolen loyalty program information.
World Governments Reach Formal Agreement to Refuse Ransomware Payments at DC Summit
The United States, EU members and select other countries (some 40 in total) have reached a formal agreement to refuse ransomware payments demanded of government agencies. At present, this has no impact on private organizations or companies.
Charges for SolarWinds and Its CISO in Massive 2020 Breach, SEC Alleges That Known Cybersecurity Risks Were Covered Up
In a development that is certainly sparking discussions in CISO circles, SolarWinds and its head of information security are being charged with negligence in addressing known cybersecurity risks and fraudulent false reporting to inflate company stock value.