Security

Transportation Security Administration issues second Security Directive  WASHINGTON – Today, in response to the ongoing cybersecurity threat to pipeline systems, DHS’s Transportation Security Administration (TSA) announced the issuance of a second Security Directive that requires owners and operators of TSA-designated critical pipelines that transport hazardous liquids and natural gas to implement a number of urgently needed protections against cyber intrusions.  “The lives and livelihoods of the American people depend on…

Business Continuity Management / Disaster Recovery , Fraud Management & Cybercrime , Fraud Risk Management Hackers Accessed System Containing PII Prajeet Nair (@prajeetspeaks) • July 20, 2021     Campbell Conroy & O’Neil, a Boston-based law firm that serves Fortune 500 firms, including Apple and Pfizer, is continuing its investigation of a ransomware attack in…

Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Governance & Risk Management Cybereason’s Sam Curry Shares Insights on the Latest Developments Anna Delaney (annamadeline) • July 19, 2021     Sam Curry, CSO, Cybereason The U.S and its allies formally accusing China of cyberattacks on Microsoft Exchange servers…

Campbell Conroy & O’Neil, P.C. (Campbell), a major American law firm whose clientele includes dozens of Fortune 500 and Global 500 companies, announced suffering a data breach in the wake of a February 2021 ransomware attack.  In its report on the data breach, Bleeping Computer noted that the attackers gained access to  “certain individuals’ names,…

WASHINGTON — The Biden administration and Western allies, including all NATO members, formally blamed China on Monday for a major hack of Microsoft Exchange email server software and asserted that criminal hackers associated with the Chinese government have carried out ransomware and other illicit cyberoperations. China’s “pattern of irresponsible behavior in cyberspace is inconsistent with…

Campbell Conroy & O’Neil, P.C. (Campbell), a US law firm counseling dozens of Fortune 500 and Global 500 companies, has disclosed a data breach following a February 2021 ransomware attack. Campbell’s client list includes high-profile companies from various industry sectors, including automotive, aviation, energy, insurance, pharmaceutical, retail, hospitality, and transportation. Some of its current and past clients…

The United States and its allies accused China on Monday of a global cyberespionage campaign, mustering an unusually broad coalition of countries to publicly call out Beijing for hacking. The United States was joined by NATO, the European Union, Australia, Britain, Canada, Japan, and New Zealand in condemning the spying, which US Secretary of State…

Human rights and press freedom activists are up in arms about a new report on NSO Group, the notorious Israeli hacker-for-hire company. The report, by a global media consortium, expands public knowledge of the target list used in NSO’s military-grade spyware. According to the report, that now not only includes journalists, rights activists and opposition…

Governance & Risk Management , IT Risk Management , Next-Generation Technologies & Secure Development Report Offers Risk Mitigation Advice, Stressing Prompt Patching Doug Olenick (DougOlenick) • July 19, 2021     Example of Chinese attackers’ tactics and techniques (Source: Joint Cybersecurity Advisory) Three federal agencies released a 31-page Joint Cybersecurity Advisory Monday that describes 50…

While some organizations are improving their ability to share cyberthreat intelligence with other entities within the same sector, cross-sector cyber intelligence collaboration is still difficult. But cyber fusion centers can help automate that process, according to Errol Weiss of the Health Information Sharing & Analysis Center and Anuj Goel of security firm Cyware. “To this…