AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 09/07/2022

Ireland fines Instagram a record $400 mln over children’s data

Ireland’s data privacy regulator has agreed to levy a record fine of 405 million euros ($402 million) against social network Instagram following an investigation into its handling of children’s data, a spokesperson for the watchdog said. Instagram plans to appeal against the fine, a spokesperson for parent Meta Platforms Inc (META.O) said in an emailed statement. The investigation, which started in 2020, focused on child users between the ages of 13 and 17 who were allowed to operate business accounts, which facilitated the publication of the user’s phone number and/or email address.

 

China Accuses US of ‘Tens of Thousands’ of Cyberattacks

Beijing on Monday accused the United States of launching “tens of thousands” of cyberattacks on China and pilfering troves of sensitive data, including from a public research university. Washington has accused Beijing of cyberattacks against US businesses and government agencies, one of the issues over which ties between the two powers have nosedived in recent years. China has consistently denied the claims and in turn lashed out against alleged US cyber espionage, but has rarely made public disclosures of specific attacks. But a report released Monday by its National Computer Virus Emergency Response Center (CVERC) accused the US National Security Agency (NSA) of carrying out “tens of thousands of malicious attacks on network targets in China in recent years”.

 

Botnets in the Age of Remote Work

Cyberattacks launched or controlled via botnet are nothing new, but they are on the rise and pose an ever-growing threat. A recent Russian botnet masquerading as a proxy service compromised millions of devices across the globe, giving cybercriminals access to stolen online accounts until the Feds shut it down. Attacks that happen at a large scale in this manner can have devastating effects. Indeed, botnets represent one of the top techniques attackers use to gain access to networks and systems, which is why it’s vital to take steps to mitigate botnet attacks from wherever your employees are working.

 

Holiday Inn-owner IHG hit by ‘unauthorised activity’ in tech systems

Holiday Inn owner IHG (IHG.L) said on Tuesday that bookings on its websites and apps were facing disruptions after its technology systems were hit by “unauthorised activity”. IHG said it was assessing the nature, extent and impact of the incident and had implemented its response plans. The company, which has appointed external specialists to investigate the incident and is in the process of notifying regulatory authorities, said its hotels were still able to operate despite the disruption. The incident comes amid increased scrutiny on appropriate defences against cyber attacks, particularly on western financial institutions, in the wake of heightened geopolitical tensions following Russia’s invasion of Ukraine early this year.

 

Criminal hackers targeting K-12 schools, U.S. government warns

Criminal hackers have recently targeted U.S. school districts and will likely continue to escalate their attacks this school year, federal agencies warned Tuesday. The alert — issued by the FBI, the Cybersecurity and Infrastructure Security Agency, and MS-ISAC, a nonprofit organization that shares cyber threats — warned that “attacks may increase as the 2022/2023 school year begins and criminal ransomware groups perceive opportunities for successful attacks.” “School districts with limited cybersecurity capabilities and constrained resources are often the most vulnerable; however, the opportunistic targeting often seen with cyber criminals can still put school districts with robust cybersecurity programs at risk,” the group added.

Related Posts