Security Leftovers
-
Slater and Gordon investigating possible class action against Optus
Law firm Slater and Gordon is looking at the possibility of initiating a class action suit against Optus over the massive data breach revealed by the telco on 22 September.
In a statement issued on Monday afternoon, the company's class actions senior associate Ben Zocco said while specifics of the breach were yet to be made public, the consequences could potentially be significant for some customers.
Due to this, he said the law firm was assessing possible legal action for those affected. A page has been set up with information for those who are interested in such an action.
Optus issued an update about the breach this afternoon, offering "the most affected current and former customers" whose information was compromised the option of a 12-month subscription to Equifax Protect, a credit monitoring and identity protection service that can help reduce the risk of identity theft. Such customers would be contacted, Optus added.
-
Beware: Microsoft Edge found serving malicious tech support scam ads
Microsoft seems to be doing a lot to improve the security on Windows 11. The company has also been adding security features like "Enhanced Security" to its Edge browser that is getting more popular according to the latest data. For the unwary out there though, scammers and similar other threat actors and miscreants are lying and waiting.
-
OpenSSF: on a mission to improve security of open source software
Open source software (OSS), once a niche segment of the development landscape, is now ubiquitous. This growth is fantastic for the open source community. However, as the usage of OSS increases, so do concerns about security. Especially in mission-critical applications— think medical devices, automobiles, space flight, and nuclear facilities—securing open source technology is of the utmost priority. No individual entity, whether developers, organizations, or governments, can single-handedly solve this problem. The best outcome is possible when all of them come together to collaborate.
The Open Source Security Foundation (OpenSSF) formed to facilitate this collaboration. OpenSSF is best described in its own words..
-
Denver suburb won’t cough up millions in ransomware attack that closed city hall
-
Denver suburb won’t cough up millions in ransomware attack that closed city hall [iophk: Windows TCO]
“The city has made the determination not to pay a ransom,” Amanda Harrison, a Wheat Ridge spokeswoman, said this week. “The city’s IT professionals are working diligently to restore files stored within the city’s network from viable backups.”
-
[Old] ‘Attacked by criminal [crackers]’: Sacramento-area college has its system [cracked] — again [iophk: Windows TCO]
A community college near Sacramento was hit by a cyberattack over the weekend, two days before the start of its academic year, and has hired a third-party firm to investigate.
-
FBI, CISA Ransomware Alert Warns of Vice Society Targeting Education Orgs [iophk: Windows TCO]
"The FBI, CISA, and the MS-ISAC anticipate attacks may increase as the 2022/2023 school year begins and criminal ransomware groups perceive opportunities for successful attacks," the advisory states, adding that organziations with limited cybersecurity capabilities and constrained resources are often the most vulnerable, yet the opportunistic targeting often seen with cyber criminals can still put those with robust cybersecurity programs at risk.