Security Leftovers
-
US News And World Report ☛ 2025-03-13 [Older] White House Instructs Agencies to Avoid Firing Cybersecurity Staff, Email Says
-
CPJ ☛ New Turkish law criminalizes ‘false’ reporting on cybersecurity-related data leaks
The law, passed on Wednesday, criminalizes reporting about an online data leak or sharing that report unless the authorities have confirmed the incident.
It imposes a prison sentence of two to five years for anyone who knowingly creates or spreads “false” content claiming that there is a cybersecurity data leak “in order to create anxiety, fear, and panic among the public, or to target institutions or individuals.”
-
US News And World Report ☛ 2025-03-10 [Older] New York Sues Allstate Over Data Breach, Alleged Security Lapses
-
Windows TCO / Windows Bot Nets
-
CISA ☛ 2025-03-12 [Older] CISA and Partners Release Cybersecurity Advisory on Medusa Ransomware
-
Scoop News Group ☛ Water utilities would get cybersecurity boost under bipartisan Senate bill
The bill would update and expand the Department of Agriculture’s Circuit Rider Program, which provides technical assistance to rural water systems. The lawmakers’ legislation calls on the program to develop protocols to bolster water systems’ cyber defenses and provide additional aid to improve protections.
According to a press release announcing the bill, just 20% of water and wastewater systems across the country have basic cyber protections.
-
Cyble Inc ☛ Alleged LockBit Ransomware Developer Extradited To U.S.
Panev’s extradition comes as the LockBit ransomware group tries to relaunch following a year of international law enforcement efforts.
-
The Register UK ☛ New ransomware gang targets Fortinet firewalls, victim data
Both CVE-2024-55591 and CVE-2025-24472 are authentication bypass vulnerabilities disclosed by Fortinet in January. The former was disclosed first as a zero-day, since exploit activity went back to December 2024, and the latter was added to the advisory after the fact.
-
Security Week ☛ LockBit Ransomware Developer Extradited to US
Rostislav Panev, aged 51, is a dual Russian and Israeli national. He has been accused of helping develop the LockBit ransomware, which he allegedly admitted after he was taken into custody by Israeli authorities in August 2024.
-
Security Week ☛ Recent Fortinet Vulnerabilities Exploited in 'SuperBlack' Ransomware Attacks
The hacking group, tracked as Mora_001, apparently adopted a leaked LockBit builder to create its own file-encrypting ransomware variant that Forescout has dubbed SuperBlack.
-