
Cyber incident rule, Google blocks spoof emails, PandaBuy breach

CISA releases draft rule for cyber incident reporting

In what is considered to be one of the most significant cybersecurity policy reforms in recent memory, CISA has released its notice of proposed rulemaking (NOPR) that requires critical infrastructure organizations to report cybersecurity incidents. This is intended to provide the federal government with “better insight about breaches that affect highly sensitive entities such as water and power utilities.” This NOPR is the next step in a process that began after the Cyber Incident Reporting for Critical Infrastructure Act was signed into law in March 2022, following the SolarWinds ordeal.


Google now blocks spoofed emails for better phishing protection

Google has now started to automatically block emails sent by bulk senders who do not authenticate their messages. This follows an announcement made last October and requires companies that send over 5,000 messages daily to Gmail accounts to set up email authentication for their domains. Throughout this year, Google will ramp up the pressure on non-compliant bulk email senders, starting with temporary error codes on a small portion of messages that don’t meet the requirements and then ramping up the rejection process. This, Google says, is to give bulk emailers a chance to become compliant.


Breach at online shopping platform PandaBuy affects 1.3 million customers

The platform, which focuses on selling and shipping products from China, is now owning up to a data breach that leaked the basic data of more than 1.3 million customers on a cybercrime forum. The breach and subsequent posting of the data was announced by the two threat actors themselves, and Troy Hunt of Have I Been Pwned has confirmed their validity. The company itself has yet to acknowledge the incident, stating simply that “no user data has been stolen this year.”

(Security Affairs)

UK and U.S. sign AI safety agreement

Signed by UK Technology Secretary Michelle Donelan and U.S. Commerce Secretary Gina Raimondo, the memorandum of agreement seeks to align the two countries’ scientific approaches, and “work closely to accelerate and rapidly iterate robust suites of evaluations for AI models, systems, and agents.” The partnership will take effect immediately and is intended to allow both organizations to work seamlessly with one another to keep pace with the technology’s emerging risks.

(BBC News and UK Government)

Venom RAT phishing campaign strikes Latin America

According to The Hacker News, “the attacks singled out hotel, travel, trading, financial, manufacturing, industrial, and government verticals in Spain, Mexico, United States, Colombia, Portugal, Brazil, Dominican Republic, and Argentina.” The attack is being attributed to a threat actor known as TA558, and uses phishing emails to drop Venom RAT, which has been configured to harvest sensitive data and control systems remotely.

(The Hacker News)

OWASP Foundation warns members of data breach

The breach affects people who may have been members of the software security nonprofit Open Worldwide Application Security Project from 2006 to 2014. This is after the group “became aware of an old Wiki server that contained decade-old resumes.” The likelihood of this dated documentation being exposed and exploited is small, given that, as OWASP Executive Director Andrew Van der Stock stated, “the directory where the resumes were located was not easily found because it was not indexed and separate from the organization’s Wiki installation.” However, there is a possible learning moment here: OWASP’s lack of information about the directory was due to a log retention policy on a small Virtual Private Server that only allowed for limited log data, with old data having been overwritten long before adequate forensics became possible.

(The Record)

Prudential Insurance provides update on February cyberattack

Back in February we reported on the incident which saw hackers gain access to the company’s network. Representatives from Prudential Insurance have now identified the stolen data as names, addresses, driver’s license numbers or ID cards of 36,545 people, apparently employees and contractors. They did not, however, clarify what systems were accessed or whether it was a ransomware attack. Victims whose data was stolen will be given two years of identity protection services.

(The Record)

MarineMax provides update on February cyberattack

While Prudential was dealing with its cyberattack in February, we also covered the attack on MarineMax – one of the world’s largest sellers of boats, yachts, and superyachts. The attack, claimed by Rhysida, was described at the time as a cybersecurity incident, but the company has now revised this description to one in which “a cybercrime organization accessed a limited portion of the IT systems associated with their retail business.” This includes customer and employee information, including PII.

(The Record)

