The FBI this month reportedly issued an alert to its private industry partners, warning that a probable nation-state hacking group had recently compromised the networks of two U.S. municipalities via unpatched, vulnerable Microsoft SharePoint servers. According to the report, from ZDNet, the flaw the hackers reportedly abused was CVE-2019-0604, a remote code execution bug caused by…
The Department of Homeland Security’s CISA Hunt and Incident Response Team (HIRT) found no direct malicious activity affecting the ePollbook laptops used in certain Durham County, N.C., precincts during the 2016 election. HIRT was asked by the Durham County Board of Elections to examine the ePollbook laptops after several reported inaccurate data to poll workers.…
Just days after New Orleans revealed it was victimized by a ransomware attack, smaller municipalities in Florida and California reported being hit. Galt, Calif. municipal systems and the St. Lucie County, Fla. Sheriff’s Department were each knocked offline. Galt was attacked on December 16 and was partially successful in encrypting some city systems. In a…
A leaky Amazon Web Services storage bucket has exposed more than 752,000 applications requesting copies of birth certificates. A report yesterday by TechCrunch said the unsecured data set dates back to late 2017, but was just recently discovered by U.K.-based penetration testing company Fidus Information Security. The data is managed by a company that helps…
The New York City Police Department’s fingerprint database was hit with ransomware in October 2018, a local newspaper learned. The attack was brought in by a third-party vendor who was installing video equipment at the NYPD’s police academy when it connected its infected computer to the police network, according to the New York Post. The…
Malicious attackers have notably stepped up attacks on the U.S. auto industry since late year, hitting car manufacturers with ransomware, compromising their systems, and exfiltrating their data, the FBI reportedly warned this week. CNN on Wednesday reported that the FBI alert came in the form of a private bulletin sent to a select group of…
Key lawmakers in the U.S. Senate today called for increased funding of the Multi-State Information Sharing and Analysis Center and Election Infrastructure Information Sharing and Analysis Center, while others demanded the development of a national 5G strategy. On Tuesday, Senate Democratic Leader Chuck Schumer, D-N.Y.; Sen. Maggie Hassan, D-N.H.; and Homeland Security and Governmental Affairs…
Camille Francois remembers the day she learned that the U.S. Senate Select Committee on Intelligence was granting her the extraordinary opportunity to research the extent of Russia’s influence operations during 2016 presidential election campaign. SC Podcast “Our CEO [John Kelly]… said, ‘Hey Cam, what would you say if we had access to the actual data…
For at least the last four years, the California Department of Motor Vehicles had mistakenly given seven government entities access to Social Security number information pertaining to roughly 3,200 drivers and license applicants, the state agency has admitted in a data breach notification. “You are being sent the attached Notice regarding the disclosure of Social…
A ransomware attack last weekend struck the network of the Canadian territory Nunavut, severely impeding a bevy of government services that rely on access to systems and electronic files. The attack took place on Saturday afternoon, encrypting files on government servers and workstations and crippling email and other internet-based communications. The only service to be…
