InfoSec News Nuggets 11/18/2020

DarkSide ransomware is creating a secure data leak service in Iran The DarkSide Ransomware operation claims they are creating a distributed storage system in Iran to store and leak data stolen from victims. To show they mean business, the ransomware gang has deposited $320 thousand on a hacker forum. DarkSide is run as a Ransomware-as-a-Service (RaaS) where developers are in charge of programming the ransomware software and payment site, and affiliates are recruited to hack…
Read More

InfoSec News Nuggets 7/6/2020

macOS Privacy Protections Bypass Disclosed After Apple Fails to Release Fix Details on a macOS privacy protections bypass method were published this week, more than six months after Apple was informed of the issue, but failed to deliver a fix. Dubbed TCC (Transparency, Consent, and Control), the privacy protections system was introduced in macOS Mojave to ensure that certain files on the system are kept out of reach of unauthorized applications. Software engineer and app…
Read More

InfoSec News Nuggets 10/18/2019

1 - California adds biometric specs to data breach law California is changing its Information Practices Act of 1977 to expand the definition of personal information with additional identifiers, including biometric data of those affected. The amendment comes with new instructions on how to notify affected parties by a breach. The legislation is old and uses a definition too broad to describe personal information in all the shapes and forms found today. As such, amendment…
Read More