The federal Cybersecurity and Infrastructure Security Agency (CISA) released a few cybersecurity “bad practices” this week to assist in decreasing the volume of knowable and preventable cyber mistakes. These bad practices are aimed at educating critical infrastructure owners and operators, as well as the defense industry and the organizations that support the supply
Privacy Tip #290 – 700 Million LinkedIn Users’ Data for Sale on Hacker Forum
Although a security researcher has confirmed that LinkedIn users’ data, including full names, gender, email addresses, telephone numbers, and industry information, is for sale on RaidForums by a hacker self-dubbed “GOD User TomLiner,” LinkedIn has stated that it is not from a data breach of its networks. According to LinkedIn, “[O]ur initial analysis indicates that…
Prometheus Ransomware Targeting Manufacturing Sector
Since the Colonial Pipeline and JBS meat manufacturing security incidents, attention is finally being paid to the cybersecurity vulnerabilities of critical infrastructure in the U.S. and, in particular, the potential effect on day-to-day life and national security if large and significant manufacturers’ production is disrupted. In the wake of these recent incidents in…
Metropolitan Washington, D.C. Police Department Hit with Ransomware Attack
The Associated Press has reported that the Metropolitan Washington, D.C. police department has been the victim of a hacking incident for which the Russian-based ransomware group Babuk is claiming responsibility. According to the department, the FBI is investigating the incident.
It is reported that the department’s police operations were not affected. Babuk claims that it…
School Nutrition Vendor Sued for Compromise of 867,209 K-12 Student Records
PCS Revenue Control Systems, Inc. (PCS) was hit with a proposed class action lawsuit last week alleging that it discovered a data breach from a hacking attack in December 2019 but failed to notify the affected students until March of 2021.
According to the lawsuit, student information was collected by PCS’s predecessor, Advanced Business Technologies…
Ironic Justice: WeLeakInfo Users’ Information Compromised
In the category of “you can’t make this up but satisfyingly ironic,” it was recently reported that criminals who used the WeLeakInfo database to buy stolen credentials of individuals have had their own information compromised. It’s about time criminals get their just reward. Why would hackers treat other hackers any differently than the rest of…
Unidentified Hacker Breaches Florida City’s Water Treatment System
A Tampa, Florida area water facility was recently hacked using a popular remote-access software tool. The unidentified hacker also used the software to connect to an on-site computer and then used that computer to access the facility’s control panel. Once there, the hacker programmed a 100x-increase in the levels of sodium hydroxide (lye) to be…
Governor Cuomo Announces New Proposal for a Consumer Data Privacy Bill of Rights
New York Governor Andrew Cuomo recently announced his proposal for a comprehensive data security law that will “provide New Yorkers with transparency and control over their personal data and provide new privacy protections.” The proposal also would establish a Consumer Data Privacy Bill of Rights that would guarantee “the right to access, control, and erase…
Crypto Exchange BuyUCoin Database Leaked
Indian news outlet Inc42 has reported that the ShinyHunters hacking group found some shiny objects when it was able to compromise the personal information of hundreds of thousands of individuals using the crypto exchange BuyUCoin.
The hackers were able to compromise and subsequently leak a BuyUCoin database that contained names, telephone numbers, email addresses, tax…
Activist Hackers Claim They Archived Parler Content Leading Up to Riots
Users of the Parler social media platform who participated in the riots last week at the U.S. Capitol are reportedly uneasy following the announcement that several activist hackers archived posts as they were happening in real time during the riots, and that they will release the posts publicly to assist law enforcement with investigations. Another…