Australia Flags New Corporate Penalties for Privacy Breaches
The penalties for serious breaches of the Privacy Act would increase from 2.2 million Australian dollars ($1.4 million) now to AU$50 million ($32 million) under amendments to be introduced to Parliament next week, Attorney-General Mark Dreyfus said. A company could also be fined the value of 30% of its revenues over a defined period if…
Hackers Possibly From China Using New Method to Deploy Persistent ESXi Backdoors
The new technique, spotted by Mandiant in April, involves using malicious vSphere Installation Bundles (VIBs). A VIB is a collection of files packaged into a single archive to facilitate distribution — they are similar to a tarball or ZIP archive. VIB packages can be used to create startup tasks, custom firewall rules, or to deploy…
Cybercriminals Apparently Involved in Russia-Linked Attack on Montenegro Government
The country’s Agency for National Security announced last week that government servers had been targeted in an ongoing attack that was described as massive and coordinated. The attack targeted government systems and other critical infrastructure, and managed to cause some disruptions. The US embassy warned citizens residing in the country that the attack could disrupt…
Securing Smart Cities from the Ground Up
Smart technology continues to change how people live and interact with the cities around them. While the full value of a connected city evolves – one that leverages innovations powered by artificial intelligence and machine learning – cybersecurity stands as one of its greatest challenges. The Smart City Conundrum While the promise of Smart Cities…
Hacker Claims Major Chinese Citizens’ Data Theft
A sample of 750,000 entries posted online by the hacker showed citizens’ names, mobile phone numbers, national ID numbers, addresses, birthdays and police reports they had filed. AFP and cybersecurity experts have verified some of the citizen data in the sample as authentic, but the scope of the entire database is hard to determine. Advertised…
Pair of Brand-New Cybersecurity Bills Become Law
The Biden White House continued its efforts to shore up US cyber defenses by signing two bills into law, both with the goal of helping cybersecurity expertise and resources flow freely between federal agencies and down to municipalities in need of resources. The first piece of cybersecurity legislation, called the Federal Rotational Cyber Workforce Program…
Wray: FBI Blocked Planned Cyberattack on Children’s Hospital
Wray told a Boston College cybersecurity conference that his agents learned of the planned digital attack from an unspecified intelligence partner and got Boston Children’s Hospital the information it needed last summer to block what would have been “one of the most despicable cyberattacks I’ve seen.” “And quick actions by everyone involved, especially at the…
How to Keep Your Enterprise Safe From Digital Supply Chain Attacks
The digital supply chain is under attack like never before. Listed among the top three security concerns for 2022 by Gartner, digital supply chain security is now top of mind for cybersecurity teams, CISOs, and the entire C-suite. For the first time, digital supply chain attacks are threatening business continuity for large-scale enterprises. Why the…
Synology, QNAP, WD Warn Users About Vulnerabilities Exploited at Hacking Contest
The vulnerabilities were disclosed at the Zero Day Initiative’s Pwn2Own Austin contest in November 2021, where participants earned more than $1 million for hacking routers, printers, smart spears, smartphones and network-attached storage (NAS) devices. The NAS exploits at Pwn2Own targeted WD devices, and they earned participants roughly $500,000. It turns out that at least half…
U.S. State Governments Targeted by Chinese Hackers via Zero-Day in Agriculture Tool
In a blog post published on Tuesday, cybersecurity research and incident response company Mandiant said it became aware of the campaign in May 2021, when it was called in to investigate an attack on a U.S. state government network. An analysis revealed that the attack had likely been carried out by a Chinese state-sponsored threat…
