27 Nov 2023
By Mary

InfoSec News Nuggets 11/27/2023

Canada’s privacy watchdog investigating hack affecting military and RCMP personnel  The Privacy Commissioner of Canada is investigating a cyberattack that compromised data on current and former members of the country’s armed forces and the Royal Canadian Mounted Police (RCMP). Two affiliated companies, Brookfield Global Relocation Services (BGRS) and Sirva Canada LP, informed the Canadian government of the breach in October. The companies have been contracted by the Canadian government to provide relocation services for personnel since 1995,…
Read More
25 May 2022
By Mary

InfoSec News Nuggets 05/25/2022

Chicago students lose data to ransomware attackers Chicago Public Schools (CPS) disclosed on Friday that students may have had their data taken in a ransomware incident involving one of its vendors. The ransomware attack happened last December at Battelle for Kids (BfK), based in Columbus Ohio, which develops services to provide innovation in schools for students and teachers. Around 490,000 students and 56,000 employees found their data breached by those responsible for the ransomware. The data accessed by criminals,…
Read More
23 May 2022
By Mary

InfoSec News Nuggets 05/23/2022

Researchers Spot Supply Chain Attack Targeting GitLab CI Pipelines Security researchers at SentinelLabs are calling attention to a software chain supply attack targeting Rust developers with malware aimed directly at infecting GitLab Continuous Integration (CI) pipelines. The campaign, dubbed CrateDepression, combines typosquatting and the impersonation of a known Rust developer to push a malicious ‘crate’ hosted on the Rust dependency community repository.  (Editor’s note: A crate is a compilation unit in Rust). The malicious crate was…
Read More