Blog
Delta Has a Slim Path to Victory in CrowdStrike Lawsuit Over IT Outage and Flight Disruptions
Delta has been threatening to sue CrowdStrike over the July flight disruptions that caused mass chaos for travelers, and both parties have now filed papers against each other. CrowdStrike pins the extended IT outage primarily on Delta’s “antiquated” systems.
Data Breach Information Used to Bilk Canada Revenue Agency for Over $100 Million in Fake Tax Refunds
Canada Revenue Agency (CRA) has admitted that it has been undercounting fake tax refunds it has paid out for at least several years now, and what appeared to be tens of incidents per year has actually been tens of thousands.
AI and National Security a Top Focus in the Final Days of the Biden Administration
Some of the national security memo is an exhortation to Congress to authorize funding for projects seen as vital to keeping up with China in these areas. But federal agencies can be expected to immediately pick up the pace in integrating AI and recruiting talent, and both protections and new risk guidelines will be coming soon.
SolarWinds Hack Continues to Cost Companies as SEC Tracks Down Insufficient Cybersecurity Disclosures
“Overly broad language” and concealment of file access in SolarWinds hack cybersecurity disclosures can lead to fines in the millions of dollars, as an SEC investigation has recently demonstrated.
Infamous Brazilian Hacker’s Campaign of Data Breaches Ends in Arrest
A Brazilian hacker who has been a general menace for at least several years now, and involved with the massive National Public Data breach among others, is in the custody of the country’s federal police after a somewhat unusual series of events.
Data Breach of Pokémon Developer Includes Some of Nintendo’s Future Plans
Word began spreading of Pokémon developer Game Freak’s secrets being spread on 4Chan in early October. Tidbits found in the data breach include plans for a new animated cartoon with Netflix, and the company’s aim to make two sequels to its 2019 Detective Pikachu film.
Mandiant: Zero-Days up to 70% of Exploited Vulnerabilities
2023 saw Mandiant log 138 total incidents of exploited vulnerabilities for its report, of which 70% were zero-days. That is up substantially from 61% and 62% in the two prior years.
First Use of Quantum Computers to Crack Encryption Should Prompt Review, Not Panic
What this development warns of is the possibility of weaker quantum computers being used to crack encryption ahead of schedule, by focusing on specific standards and coming up with innovative approaches tailored to them.
31 Million Record Data Breach at Internet Archive Followed by Hacktivist DDoS Attacks
Service at the Internet Archive remains spotty after about two weeks of off-and-on attacks, beginning with a major data breach in late September that exposed 31 million user credentials.
European Government Air-Gapped Systems Successfully Hacked by Malware Attacks
The basic setup of the GoldenJackal malware attack is simple, but clever: compromise a USB drive known to be regularly connected to air-gapped systems, and let it harvest files for you. When it is returned to an internet-connected device, the stolen files are forwarded along their way.