InfoSecSherpa Newsletter — 17 June 2021
- Senate bill to require hack reports within 24 hours and punish violators
(Politico, 17 June 2021)
The bill development comes as lawmakers debate how to stem a rising tide of cyberattacks, including increasingly destructive ransomware attacks on critical firms such as Colonial Pipeline.
- Editors of Hong Kong newspaper arrested under security law
(Chicago Sun Times, 17 June 2021)
Police said they had evidence that more than 30 articles published by Apple Daily played a “crucial part” in what they called a conspiracy with foreign countries to impose sanctions against China and Hong Kong.
- State and local officials tell Senate they ‘really need’ cyber grants
(State Scoop, 17 June 2021)
A group of state and local officials told members of the Senate Homeland Security Committee on Thursday they’re very interested in dedicated cybersecurity grants to support their agencies, even as the prospects for such a program remain unclear.
- A Billion CVS Records Exposed
(Info Security Magazine, 17 June 2021)
The 240GB of unsecured data was discovered by WebsitePlanet and security researcher Jeremiah Fowler in a cooperative investigation.
- Cruise operator Carnival discloses breach of crew, guests’ personal data
(Reuters, 17 June 2021)
Cruise operator Carnival Corp detected unauthorized access to its computer systems in March, alerted regulators and hired a cybersecurity firm to investigate the breach, Bloomberg News reported on Thursday.
- Senators draft bill that would require many entities to report cyber breaches within 24 hours
(CNN Politics, 17 June 2021)
US lawmakers are preparing legislation that would require a vast range of public and private entities to alert the government within 24 hours of a cybersecurity breach, following a wave of ransomware attacks that have threatened the nation’s economic and national security.
- Whistler cyberattack compromised employees’ personal information
(News 1130, 17 June 2021)
Private, personal information of municipality employees in Whistler was compromised during a recent cyberattack. The municipality says so far, it doesn’t appear information involving members of the general public was impacted.
- Victoria’s QR codes badly made, developers say
(The Sydney Morning Herald, 18 June 2021)
The government’s QR code system has been mandatory for many businesses since the end of May, after surveys showed less than half of people reported checking in when they arrived at a venue. It replaced a constellation of separate systems.
- Airlines, banks briefly hit by widespread internet outages
(Business Insurance, 17 June 2021)
Websites of dozens of financial institutions and airlines in Australia and the United States were briefly down on Thursday, in the second major blackout in just over a week caused by a glitch in an important piece of internet infrastructure.
- Suspected Iranian Hackers Use VPN And Telegram To Spy On Dissidents
(Bollyinside, 17 June 2021)
For the last six years, hackers have stalked Iranian dissidents with spying tools that mimic the software those dissidents use to protect their communications, security firm Kaspersky said Wednesday.