Man killed in roof fall

A man in his 60s has died after falling off a roof at a property at Neilborough, just north of Bendigo.
Source: WorkSafe News Man killed in roof fall

Hop grower fined $130,000 after worker dies in trailer fall

A hop grower has been convicted and fined $130,000 after a worker died when he fell from a trailer towed by an out of control tractor.
Source: WorkSafe News Hop grower fined 0,000 after worker dies in trailer fall

Insider Sentenced for Sabotaging PPE Shipments

Prosecutors: Actions Disrupted Deliveries of Critical Supplies During Pandemic
A former vice president of a personal protective equipment packaging firm has been sentenced to prison and ordered to pay restitution for sabotaging the company’s electronic shipping records during the COVID-19 pandemic – causing delays in deliveries – after he was terminated from his job.
Source: Info Risk Today Insider Sentenced for Sabotaging PPE Shipments

Fraudsters Alter Election Phishing Scam

Scammers Now Attempting to Steal Banking and Driver’s License Information
Fraudsters operating an election-themed phishing campaign have tweaked their malicious landing pages to harvest more information, including banking credentials, account data and vehicle identification information, Proofpoint reports.
Source: Info Risk Today Fraudsters Alter Election Phishing Scam

Even in Test Mode, New Mirai Variant Infecting IoT Devices

Researchers: ‘Katana’ Features Many Enhancements
A greatly enhanced variant of the powerful Mirai botnet is already infecting IoT devices even though it’s operating in a test environment, according to researchers at cybersecurity firm Avira Protection Lab.
Source: Info Risk Today Even in Test Mode, New Mirai Variant Infecting IoT Devices

Cybersecurity Data Sharing: A Federal Progress Report

Audit Finds Agencies Still Have Plenty of Work to Do
Certain federal agencies, especially units within the Department of Defense, still have plenty of work to do when it comes to sharing cybersecurity information and threat intelligence among themselves as well as with the private sector, according to a report recently sent to Congress.
Source: Info Risk Today Cybersecurity Data Sharing: A Federal Progress Report

US Conflict With Iran Sparks Cybersecurity Concerns

Homeland Security Reminds CISOs to Protect Critical Systems
After an Iranian general was killed in a U.S. drone strike in Baghdad late Thursday night, security experts and the Department of Homeland Security warned of possible retaliatory cyber strikes from Iran that could target critical infrastructure, government agencies as well as private businesses.
Source: Info Risk Today US Conflict With Iran Sparks Cybersecurity Concerns

Malware Infects Small Hospital's Medical Imaging Server

Data on 29,000 Patients Potentially Exposed
A breach stemming from malware infecting a medical imaging server at a small, rural New Mexico hospital serves as a reminder of medical equipment data security and privacy vulnerabilities and risks faced by facilities of all sizes.
Source: Info Risk Today Malware Infects Small Hospital’s Medical Imaging Server

Joker's Stash Lists 1.3 Million Stolen Indian Payment Cards

Notorious Cybercrime Marketplace Unveils Massive Data Trove, Researchers Warn
The notorious Joker’s Stash cybercrime marketplace, which specializes in selling stolen payment card data, has a new listing for 1.3 million credit and debit cards, almost all of which appear to have been issued by Indian banks, reports threat intelligence firm Group-IB.
Source: Info Risk Today Joker’s Stash Lists 1.3 Million Stolen Indian Payment Cards

Massive Cyberattack Slams Country of Georgia

2,000 Sites Knocked Offline in Suspected State-Sponsored Attack
The country of Georgia has been hammered by a massive cyberattack that disrupted access to at least 2,000 government, news media and court websites, with many homepages replaced with a photograph of the country’s former president, according to news reports.
Source: Info Risk Today Massive Cyberattack Slams Country of Georgia

Quest Diagnostics Proposed Breach Settlement Approved

Patients Whose HIV Test Results Were Exposed Will Get $75
A court has given preliminary approval for a settlement of a class action lawsuit filed against medical testing laboratory Quest Diagnostics in connection with a 2016 data breach affecting 34,000 individuals that exposed HIV-testing information of some patients. How much will victims receive?
Source: Info Risk Today Quest Diagnostics Proposed Breach Settlement Approved

Facebook Password, Email Contact Mishandling Worsens

Millions of Instagram Users Affected by Plain-Text Password Storage
Two security issues disclosed by Facebook over the past month are worse than first thought, adding to a harrowing series of data-handling mishaps by the social network. Millions of Instagram users had their plain-text passwords stored, and 1.5 million people had their email contact lists uploaded without consent.
Source: Info Risk Today Facebook Password, Email Contact Mishandling Worsens

Mueller Report: With Russian Hacking Laid Bare, What Next?

Trump Administration Faces Call to Fully Combat Russia’s Election Interference
Robert Mueller’s report into Russian interference clearly states: “The Russian government interfered in the 2016 presidential election in sweeping and systematic fashion.” In the wake of the Trump administration lifting some Russian sanctions, one expert says it must take the opposite tack.
Source: Info Risk Today Mueller Report: With Russian Hacking Laid Bare, What Next?

Leak Exposes OilRig APT Group's Tools

Group, Apparently Backed By Iran, Was Broadening Its Targets, Analysts Say
A set of malicious tools, along with a list of potential targets and victims, belonging to an APT group dubbed OilRig has leaked online, exposing some of the organization’s methods and goals, analysts say.
Source: Info Risk Today Leak Exposes OilRig APT Group’s Tools

Senators Raise Issue of Regulating Facebook

CEO Zuckerberg Grilled at First of Two Congressional Hearings
At the first of two Congressional hearings this week, Facebook CEO Mark Zuckerberg on Tuesday faced questions from Republicans and Democrats alike about whether the government should more closely regulate his firm and others.
Source: Info Risk Today Senators Raise Issue of Regulating Facebook

Hackers Deface Popular Videos Published by Vevo

Pilfered Access Credentials Could Be to Blame
A handful of popular music videos published on YouTube were defaced on Tuesday, with two hackers claiming credit. But Google, which owns YouTube, says that tampering didn’t occur directly on its platform.
Source: Info Risk Today Hackers Deface Popular Videos Published by Vevo

Facebook's Zuckerberg Pledges Worldwide GDPR Compliance

Second Congressional Hearing Probes Privacy Issues
At a U.S. House hearing Wednesday, Facebook CEO Mark Zuckerberg said the company would eventually comply worldwide with the European Union’s tough privacy law, the General Data Protection Regulation.
Source: Info Risk Today Facebook’s Zuckerberg Pledges Worldwide GDPR Compliance

The 4 Pitfalls of Privileged Access Management

Bomgar’s Sam Elliott on Overlooked Areas of Security
Overlooked areas of security and defense include four pitfalls of privileged access management, says Sam Elliott of Bomgar, who offers insights on taking the right steps.
Source: Info Risk Today The 4 Pitfalls of Privileged Access Management

Mitigating Risks From Open Source and Third-Party Code

CA Veracode’s Chris Eng on New Strategies to Bolster Application Security
Organizations are developing new apps at the speed of business. But through the use of vulnerable code, they also are creating new risks just as fast. Chris Eng of CA Veracode offers new strategies and solutions to mitigate open source and third-party risks.
Source: Info Risk Today Mitigating Risks From Open Source and Third-Party Code

Breaches Tied to Chat Network Provider

Delta, Sears, Kmart and Best Buy Breaches All Stem From Hack of Same Vendor
A spate of payment card breaches at some of the most recognized U.S. brands has been blamed on the hacking of India-based chat network provider [24]7.ai that led to the infiltration of online chat portals for Delta, Sears, Best Buy, Kmart and perhaps others.
Source: Info Risk Today Breaches Tied to Chat Network Provider