18 Jan 2022

NATO, Ukraine Sign Deal to ‘Deepen’ Cyber Cooperation

NATO signed a deal on Monday to strengthen its cyber support for Ukraine after a hacking attack against Kyiv. These attacks have prompted fears that Russia could be plotting an invasion. Ukraine said Sunday that it had evidence Moscow was behind last week’s attack on government websites, however the Kremlin

Read More
18 Jan 2022

PCI SSC updates card security standards to secure the card production process

The PCI Security Standards Council announced an update of the PCI Card Production and Provisioning Security Requirements. The update allows payment card vendors to secure components and sensitive data involved in the production of payment cards. These standards protect against fraud via the compromise of card materials.  Card production includes

Read More
18 Jan 2022

Ukraine: Wiper malware masquerading as ransomware hits government organizations

Microsoft researchers have revealed evidence of a malware operation targeting multiple organizations in Ukraine in the wake of last week’s cyber attack on Ukrainian government websites. The new attack is deploying Master Boot Records (MBR) wiper malware disguised as ransomware. According to Microsoft, the malware first appeared on the victimized

Read More
18 Jan 2022

Russia arrests REvil ransomware gang members at request of US officials

14 members of the REvil ransomware group have been arrested by the Russian government. A joint effort between the Federal Security Service of the Russian Federation and the Ministry of Internal Affairs of Russia led to the arrest of the members of the cybercrime group. Several assets were seized in

Read More
14 Jan 2022

FCC Proposes Stricter Data Breach Reporting Requirements

On Wednesday, Federal Communications Commission chairperson Jessica Rosenworcel published a Notice of Proposed Rulemaking (NRPM) that started the process of strengthening the Commission’s rules on notifying customers and federal law enforcement of data breaches. The Commission stated that the proposed updates would mean that the FCC data breach notification rules

Read More
14 Jan 2022

AWS Patches Glue Bug That Put Customer Data at Risk

Cybersecurity researchers have uncovered a critical vulnerability in the AWS Glue service that could allow remote attackers to access sensitive data owned by large numbers of customers. The bug was created due to an internal misconfiguration within the service. AWS Glue allows customers to combine data for projects such as

Read More
14 Jan 2022

El Salvador denies responsibility for hacking journalists after report finds Pegasus spyware on their phones

The government of El Salvador has denied responsibility for hacking the cell phones of possibly more than 35 journalists and members of society. The hack on the cell phones was carried out by using the spying program known as Pegasus. A report from Access Now and Citizen Lab claimed the

Read More
14 Jan 2022

Cyberattack hits Ukraine government websites: Here is what you should do

A threatening message of “be afraid and wait for the worst” was shone on a number of Ukrainian government websites after they were targeted in a cyberattack. The threatening message alleged the people’s personal information had been hacked. The websites of the Ministry of Foreign Affairs and a number of

Read More
13 Jan 2022

Ransomware Attack Takes Thousands Of U.S. School Websites Offline

Thousands of schools in the US were impacted by a ransomware attack that targeted Finalsite, a company that provides schools with hosted tools to manage their online presence and communications. Since the cyberattackers targeted Finalsite instead of individual school systems, thousands of school websites hosted by Finalsite went down at

Read More
13 Jan 2022

Widespread, Easily Exploitable Windows RDP Bug Opens Users to Data Theft

Earlier this week, Microsoft issued a fix for a vulnerability that allows remote, unprivileged attackers to abuse Remote Desktop Protocol (RDP) from inside Windows devices. The flaw could allow attackers to hijack smart cards and gain unauthorized access to file systems. The bug, which is tracked as CVE-2022-21893, could lead

Read More