On Wednesday, Federal Communications Commission chairperson Jessica Rosenworcel published a Notice of Proposed Rulemaking (NRPM) that started the process of strengthening the Commission’s rules on notifying customers and federal law enforcement of data breaches. The Commission stated that the proposed updates would mean that the FCC data breach notification rules

Cybersecurity researchers have uncovered a critical vulnerability in the AWS Glue service that could allow remote attackers to access sensitive data owned by large numbers of customers. The bug was created due to an internal misconfiguration within the service. AWS Glue allows customers to combine data for projects such as

The government of El Salvador has denied responsibility for hacking the cell phones of possibly more than 35 journalists and members of society. The hack on the cell phones was carried out by using the spying program known as Pegasus. A report from Access Now and Citizen Lab claimed the

A threatening message of “be afraid and wait for the worst” was shone on a number of Ukrainian government websites after they were targeted in a cyberattack. The threatening message alleged the people’s personal information had been hacked. The websites of the Ministry of Foreign Affairs and a number of

Thousands of schools in the US were impacted by a ransomware attack that targeted Finalsite, a company that provides schools with hosted tools to manage their online presence and communications. Since the cyberattackers targeted Finalsite instead of individual school systems, thousands of school websites hosted by Finalsite went down at

Earlier this week, Microsoft issued a fix for a vulnerability that allows remote, unprivileged attackers to abuse Remote Desktop Protocol (RDP) from inside Windows devices. The flaw could allow attackers to hijack smart cards and gain unauthorized access to file systems. The bug, which is tracked as CVE-2022-21893, could lead

Researchers from Avanan, a Check Point company, discovered an ongoing campaign in which threat actors are creating accounts within Adobe Cloud suite and sending images of illegitimate PDFs to target Gmail and Office 365 users. The campaign was uncovered in December. The PDF links and other malicious email attachments lead

The Medical Review Institute of America (MRIoA) has suffered from a cyberattack that may have exposed the personal data of over 134,000 individuals. The institute is based in Salt Lake City, Utah. The cyber incident was reportedly discovered on November 9, 2021 after unauthorized access was detected. According to MRIoA,

On Thursday, Outpost24’s Blueliv published a report titled “Follow the Money,” designed to identify and track groups that are major culprits of theft and fraud in the financial sector. The report found that the Lazarus, Cobalt, and FIN7 threat groups have been the most prevalent threat actors striking financial organization.

The Metropolitan Detention Center in Bernalillo County, New Mexico, was forced into lockdown on January 5 due to a cyberattack that targeted the county’s systems and deployed malware. Local government systems were impacted by the cyberattack, including those that are used to manage the prison. Inmates were required to remain