As reported by the Daily Mail, confidential information held by some of Britain’s police forces has been stolen by Russian hackers in a security breach. The cyber-criminal gang Clop has released some of the material it plundered from an IT firm that handles access to the police national computer (PNC) on the so-called ‘dark web’ – with the threat of more to follow.
ISBuzz Team
The UK has unveiled its new National Cyber Strategy that sets out how the nation will solidify its standing as a global cyber power.
The Senate just passed The National Defense Authorization Act, or NDAA, annual defense spending bill – with key cyber provisions, but noticeably lacking a cyber incident reporting measure (following partisan disagreements). Here are a few highlights covering cyber issues: The NDAA authorizes CISA’s CyberSentry program for securing industrial control systemsAn amendment would require CISA to update its IRP at least every two yearsIt codifies CISA’s National Cyber Exercise programRequires the DOD to submit a report on how its Cybersecurity Maturity Model Certification program affects small businesses
In a news release Tues. morning: Superior Plus Announces Cyber Security Incident, the company shared that the attack began on Sunday and that “Superior has temporarily disabled certain computer systems and applications … and is in the process of bringing these systems back online,” adding that it “took steps to secure its systems and mitigate the impact to the Corporation’s data and operations.” No news yet as to whether ransomware was involved. Superior is a leading North American distributor of propane and related products to over 780,000 customers in the US and Canada. The had 2020 revenues of over $1.8…
The opening of a malicious Microsoft Excel file attached to a phishing email led to the cyber attack that crippled the national health service earlier this year, according to a report on the incident published on Friday. The file was opened at a HSE workstation on March 18th, with the email having been sent to the “patient zero workstation” two days’ earlier. Over the coming eight weeks a number of “alerts” were raised within the health service that the IT system might be compromised, but the significance of the alerts was not identified at the time.
News recently broke of a vulnerability affecting digital systems across the internet, leaving them exposed to account takeover by hackers. In fact, threat actors are already attempting to exploit the vulnerability and researchers are warning of serious repercussions worldwide. The problem lies in Log4j, a ubiquitous, open-source Apache logging framework that developers use to keep a record of activity within an application. The list of services with Internet-facing infrastructure that is vulnerable to a critical zero-day vulnerability in the open-source Log4j logging utility is immense and includes some of the biggest names on the Internet, including Apple, Amazon, Cloudflare, Steam,…
Volvo Cars disclosed that one of its file repositories has been illegally accessed by a third party confirming that a limited amount of the company’s R&D property has been stolen during the intrusion. Cybersecurity experts from KnowBe4 and comforte AG provided the following comments.
The Amazon outage seems to still be causing havoc. Causing not only issues for online shoppers, it has also prevented Amazon delivery trucks from fulfilling previously secured orders. Amazon was also among the top 20 websites to face the most amount of outages in the last 12 months.
Following the news of the SPAR ransomware attack, cybersecurity experts reacted below.
For the fifth year in a row, a new record of security vulnerabilities has been recorded in the US-CERT Vulnerability Database. As of today, December 8, 2021, 18,376 vulnerabilities in production code were recorded, exceeding the 2020 record of 18,351.Interestingly, this year, there are less high severity vulnerabilities than last year.