FBI Non-Profit Probes Agent Data Breach

Infosecurity Magazine | April 16, 2019

FBI Non-Profit Probes Agent Data Breach
A training non-profit linked to the FBI is investigating reports that it was successfully hacked, exposing the personal details of thousands of agents to attackers. The FBI National Academy Associates (FBINAA) claims to be “dedicated to providing the highest degree of law enforcement expertise, leadership training, and information to law enforcement executives around the world.” Its members are graduates of the FBI National Academy Program for law enforcers. In a notice over the weekend, it responded to media reports of a security breach at three FBINAA websites which apparently resulted in highly sensitive data on around 4000 law enforcers being put up for sale on a dark web site. “We are working with federal authorities to investigate this allegation. We believe we have identified the three affected chapters that have been hacked and they are currently working on checking the breach with their data security authorities,” the statement noted. In each of these instances a third-party software was being used by the affected Chapters, however it is still too early to determine if this impacted the breach. Cybercrime is on the rise and phishing attacks occur every day.

Spotlight

Keeping a business secure is enough to make anyone lose sleep. Every day brings a new hack.  If you’re worried about cyber threats, let us help you understand the latest phishing, malware and ransomware threats and how to defend against them.

Spotlight

Keeping a business secure is enough to make anyone lose sleep. Every day brings a new hack.  If you’re worried about cyber threats, let us help you understand the latest phishing, malware and ransomware threats and how to defend against them.

Related News

DATA SECURITY

BD to Advance Leadership in Cybersecurity Transparency and Preparedness

BD | June 07, 2021

A leading global medical technology company, BD (Becton, Dickinson and Company), today announced that it has become the first medical technology company authorized as a Common Vulnerability and Exposures (CVE®) Numbering Authority by the CVE Program, further demonstrating the company's leadership in health care cybersecurity. As a CVE Numbering Authority (CNA), BD is authorized to assign CVE identification numbers to newly discovered vulnerabilities in its software-enabled products. This includes using the Common Weakness Enumeration (CWE™) system to classify vulnerability types and applying the Common Vulnerability Scoring System (CVSS) to communicate vulnerability characteristics and severity. The purpose of the CVE Program is to bolster international cybersecurity defense by cataloguing publicly disclosed cybersecurity vulnerabilities. The CVE Program is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and operated by MITRE Corporation. BD was among the first medical technology companies to develop a mature Coordinated Vulnerability Disclosure program, enabling customers to manage cybersecurity risks through awareness and guidance. In 2020, the company launched the BD Cybersecurity Trust Center, increasing transparency and collaboration with its customers, and issued its inaugural cybersecurity annual report. In becoming a CNA, BD further demonstrates its commitment to cybersecurity in medical devices, making it easier for customers to manage vulnerabilities affecting BD products. About the CVE Program The mission of the Common Vulnerabilities and Exposures (CVE®) Program is to identify, define and catalog publicly disclosed cybersecurity vulnerabilities. There is one CVE Record for each of the vulnerabilities in the catalog. The vulnerabilities are discovered then assigned and published by organizations from around the world that have partnered with the CVE Program. Partners publish CVE Records to communicate consistent descriptions of vulnerabilities. Information technology and cybersecurity professionals use CVE Records to ensure they are discussing the same issue, and to coordinate their efforts to prioritize and address the vulnerabilities. About BD BD is one of the largest global medical technology companies in the world and is advancing the world of health by improving medical discovery, diagnostics and the delivery of care. BD and its 70,000 employees have a passion and commitment to help enhance the safety and efficiency of clinicians' care delivery process, enable laboratory scientists to accurately detect disease and advance researchers' capabilities to develop the next generation of diagnostics and therapeutics. By working in close collaboration with customers, BD can help enhance outcomes, lower costs, increase efficiencies, improve safety and expand access to health care.

Read More

Hackers Are Using Google Analytics to Steal Your Credit Card Information

Search Engine Journal | June 29, 2020

Hackers are using Google Analytics to steal credit cards, passwords, IP addresses... basically everything shared with a hacked site.An investigation by Kaspersky Lab has uncovered a new hacking technique that uses Google Analytics to steal credit card numbers, user agents, IP addresses, passwords… basically everything.This isn’t an exploit in Google Analytics itself.Hackers are exploiting the trusted status given to Google Analytics by all browsers in order to steal information from hacked sites by using Google Analytics as a way to transfer that data.Kaspersky’s report noted that the exploit is stealing everything that is shared with the affected website, including credit card information but presumably that means password information as well.The exploit apparently steals “everything” from passwords, name and address, credit cards and even the personal information of the person sharing their information.

Read More

Hub Protection to provide INX Limited with military-grade Digital Asset Cybersecurity

prnewswire | September 15, 2020

Hub Security, the cyber security platform, is announcing the use of its military-grade VaultHSM to secure INX Limited's crypto services.This news comes on the heels of INX Limited's latest announcement of its initial public offering this week of up to 130 million INX Security Tokens (the "INX Tokens" or "Tokens"). Hub Security utilizes military-grade cybersecurity principles for its Vault HSM (Hardware Security Module) and handheld miniHSM devices' with FIPS Approved Cryptographic Algorithm Validation

Read More