Blog
-
InfoBroker Claims to Have Stolen Classified Information From Europol in Data Breach That Looks Credible
Europol looks to have been hit for some sensitive and classified information as a moderator with one of the biggest underground data trading forums claimed an attack and posted samples.
-
MOVEit Breach Confirmation for Georgia University System Comes in One Year Late
Georgia’s university system was thought to be among the first wave of organizations compromised when the MOVEit breach emerged in May 2023, but notifications have just recently been issued to about 800,000 likely victims.
-
State Department International Cybersecurity Strategy: Coalition-Building to Beat China to the Punch
The State Department’s international cybersecurity strategy makes clear the US government hopes to be at the head of a global consensus that exerts influence over everything from the internet’s undersea cables on up in the digital sphere.
-
Third Party Breach Exposes UK Armed Forces Pay Information; Chinese State-Backed Hackers Suspected
Another hole in a contractor’s defenses has led to a third party breach of a system containing sensitive government information, as the Ministry of Defense has confirmed that the financial information of some 272,000 UK armed forces personnel has been exposed.
-
Microsoft to Prioritize Company Focus on Cyber Threats With Security Initiative Revision
CEO Satya Nadella has specifically noted that Microsoft’s security initiative and focus on cyber threats must always come ahead of any other concern, including feature additions and improvement and support for legacy products.
-
Annual Verizon DBIR Highlights “Era of Vulnerability Exploitation,” Continued Importance of Timely Patching
Aside from continuing employee- and staffing-related struggles, the Verizon DBIR report also sees something of a “golden age” of vulnerability exploitation developing for cyber criminals.
-
North Korean Hackers Have Been Exploiting South Korean Defense Companies for Nearly Two Years
A report issued by South Korea’s National Police Agency indicates that the “big three” of North Korean hackers have all been involved in a project to hack national defense companies since at least late 2022.
-
TikTok Ban Moving Forward in the Name of National Security, But Legal Challenges Await
The government has a valid theoretical national security concern, one that has already led to TikTok bans on most federal devices and at numerous state and local levels, but the argument is not landing well with a US public that has almost half its population on the app.
-
Change Healthcare Breach Update: 6 TB Patient Data Stolen, $22 Million Ransom Payment Confirmed, $100 Billion Loss Projected
The Change Healthcare attack that leaked patient data and disrupted medical care across the US was indeed settled by a ransom payment. Now the former AlphV affiliate that perpetrated the attack has taken the data to a new extortion service and is demanding a second payment.
-
Nation-State Hacker Rampage With Ivanti Zero-Day Vulnerabilities Includes Breach of MITRE
As the Ivanti and MITRE incident demonstrates, serious zero-day vulnerabilities continue to linger even at security-minded organizations. MITRE was penetrated by a chain of two specific Ivanti vulnerabilities that were reported to the public in January, and nation-state hackers have been blamed.