InfoSec News Nuggets 10/01/2024

Senate bill pushes cyber mandates for medical industry in wake of Change Healthcare debacle Hospitals and other healthcare businesses would be required to adopt minimum cybersecurity standards and face annual audits under new legislation introduced by two prominent senators on Thursday. The Health Infrastructure Security and Accountability Act, announced by Sens. Ron Wyden (D-OR) and Mark Warner (D-VA), would  provide $1.3 billion for the Department of Health and Human Services (HHS) to support hospitals and create…
Read More

InfoSec News Nuggets 8/16/2024

Ex-Google CEO says successful AI startups can steal IP and hire lawyers to ‘clean up the mess’  Former Google CEO and chairman Eric Schmidt has made headlines for saying that Google was blindsided by the early the rise of ChatGPT because its employees decided that “working from home was more important than winning.” The comment was made in front of Stanford students during a recent interview, video of which was removed from the university’s YouTube channel after Schmidt’s…
Read More

InfoSec News Nuggets 09/21/2023

Sysadmin and spouse admit to part in 'massive' pirated Avaya licenses scam A sysadmin and his partner pleaded guilty this week to being part of a "massive" international ring that sold software licenses worth $88 million for "significantly below the wholesale price." Brad and Dusti Pearce admitted one count of conspiracy to commit wire fraud and each face a maximum penalty of 20 years in prison. After agreeing to a plea deal, the Pearces must…
Read More

InfoSec News Nuggets 06/27/2023

The tech flaw that lets hackers control surveillance cameras In a darkened studio inside the BBC's Broadcasting House in London, a man sits at his laptop and enters his password. Thousands of miles away, a hacker is watching everything he types. Next, the BBC employee picks up his mobile phone and enters the passcode. The hacker now has that, too. A security flaw in the surveillance camera on the ceiling - manufactured by the Chinese…
Read More

InfoSec News Nuggets 05/02/2023

Hackers leak images to taunt Western Digital's cyberattack response The ALPHV ransomware operation, aka BlackCat, has published screenshots of internal emails and video conferences stolen from Western Digital, indicating they likely had continued access to the company's systems even as the company responded to the breach. The leak comes after the threat actor warned Western Digital on April 17th that they would hurt them until they "cannot stand anymore" if a ransom was not paid.…
Read More

InfoSec News Nuggets 01/20/2023

Bank of America starts restoring missing Zelle transactions  Bank of America has started to restore missing Zelle transactions that suddenly disappeared from customers' bank accounts this morning, causing some to dip into negative balances. The outage began at approximately 7 AM ET today, with BoA customers suddenly finding their account balances had decreased after recent Zelle transactions disappeared. This led to reports on DownDetector, Reddit, and Twitter from hundreds of customers missing their Zelle transactions.    More Ransomware Victims Are Refusing…
Read More

InfoSec News Nuggets 12/19/2022

Social Blade Confirms Breach After Hacker Offers to Sell User Data Social media analytics service Social Blade has confirmed a security breach after a hacker offered to sell a database allegedly stolen from the company’s systems. Social Blade monitors tens of millions of social media accounts, including on YouTube, Twitter, Twitch, Instagram, Facebook, and TikTok. The company helps content creators boost their channel’s popularity. The Social Blade database was offered for sale on a hacker…
Read More

InfoSec News Nuggets 04/14/2022

A SERIES OF PATENT LAWSUITS IS CHALLENGING THE HISTORY OF MALWARE DETECTION In early March, cybersecurity firm Webroot and its parent company OpenText launched a series of patent litigation containing some eye-opening claims. Filed March 4th in the famously patentholder-friendly Western District of Texas court, the four lawsuits claim that techniques fundamental to modern malware detection are based on patented technology — and that the company’s competitors are infringing on intellectual property rights with their implementation of network…
Read More

InfoSec News Nuggets 12/29/2021

T-Mobile welcomed Christmas with its second data breach in less than six months T-Mobile may have enjoyed another solid year in terms of subscriber growth, 5G network expansion, speed boosts, and various other technological breakthroughs and advancements, but when it comes to customer support and especially security, 2021 has been a time of worrying decline and a tidal wave of negative publicity for the once mighty "Un-carrier." While the huge data breach identified back in August is likely to remain unrivaled…
Read More

InfoSec News Nuggets 08/30/2021

Microsoft warns thousands of cloud customers of exposed databases -emails Microsoft on Thursday warned thousands of its cloud computing customers, including some of the world’s largest companies, that intruders could have the ability to read, change or even delete their main databases, according to a copy of the email and a cyber security researcher. The vulnerability is in Microsoft Azure’s flagship Cosmos database. A research team at security company Wiz discovered it was able to…
Read More

InfoSec News Nuggets 08/17/2021

T-Mobile Investigating Claims of Massive Customer Data Breach T-Mobile says it is investigating a forum post claiming to be selling a mountain of personal data. The forum post itself doesn't mention T-Mobile, but the seller told Motherboard they have obtained data related to over 100 million people, and that the data came from T-Mobile servers. The data includes social security numbers, phone numbers, names, physical addresses, unique IMEI numbers, and driver licenses information, the seller…
Read More

InfoSec News Nuggets 06/09/2021

Software bug to blame for global internet outage, Fastly says Fastly, the company behind a major global internet outage this week, said on Wednesday the incident was caused by a bug in its software that was triggered when one of its customers changed their settings. Tuesday’s outage raised questions about the reliance of the internet on a few infrastructure companies. Fastly’s issue knocked out high traffic sites including news providers such as The Guardian and…
Read More

InfoSec News Nuggets 03/01/2021

78% of top security leaders say their organizations are unprepared for a cyberattack Seventy-eight percent of senior IT and security leaders believe their organizations lack sufficient protection against cyberattacks, according to research conducted by IDG Research Services on behalf of Insight. The high level of concern expressed by these leaders resulted in 91% of organizations increasing their cybersecurity budgets in 2021 — a figure that nearly matches the 96% that boosted IT security spending in…
Read More

InfoSec News Nuggets 6/16/2020

Amazon CEO Jeff Bezos agrees to testify before antitrust hearing Amazon and a handful of other major tech companies are facing increased pressure from a series of investigations from the US House and Senate, the Justice Department and Federal Trade Commission into their potential monopolistic practices. For Amazon, the investigations have often focused on Amazon's use of private label items to compete against much smaller retailers on its platform. Calls for Bezos to testify before…
Read More