Breach Guide

Learn the steps to take in the event of a data breach and stay current on the cyber threat landscape with the FTC’s Data Breach Resources, FBI’s Daily Digest Library and San Diego’s Cyber Incident Response Guide.

Federal Trade Commission (FTC) Data Breach Resources

Find out the steps to take as a business or consumer if you experience a data breach.

ftc-gov

FBI Cyber Daily Digest Library

Stay current on the global threat landscape with the FBI’s daily circulation of published data breaches and articles.

  • Mac Malware Pushed via Google Search Results, Masquerades as Flash Installer

    Source: ThreatPost
    By: Lindsey O'Donnell
    Published: July 2, 2019
    * Never-before-seen Mac malware, dubbed OSX/CrescentCore, has been discovered in the wild.
    * The trojan, spotted on various websites masquerading as an Adobe Flash Player installer, drops malicious applications and browser extensions on victims' systems when downloaded.

  • How To Secure The Internet Of Battlefield Things From Cyber Attacks

    Source: National Interest
    By: Dan Goure
    Published: June 30, 2019
    * It should come as no surprise that the IOT has extended togovernment networks, particularly those operated by the Department of Defense (DoD).
    * The result is what some observers call the 'Internet ofBattlefield Things' (IOBT). There is a general consensus among experts that the military which first creates the IOBT will gain a decisive advantage over its competitors.
  • AI, Cyber Get Big Boost in Senate-Passed NDAA

    Source: NextGov
    By: Jack Corrigan
    Published: June 28, 2019
    * A massive defense policy bill approved by the Senate on Thursday is loaded with provisions to advance the Pentagon's tech and protect the country against digital threats posed by Russia and China.
    * The legislation would authorize hundreds of millions of dollars for artificial intelligence and cyber research, and support efforts to lockdown the government supply chain, fight foreign misinformation and bolster the Pentagon's tech workforce.
  • Cloud Hopper hits several tech firms in Spyware attack

    Source: CISO Magazine
    By: FNU LNU
    Published: June 27, 2019
    * Security researchers stated that a global hacking campaign backed by China's Ministry of State Security broke into various technology service providers to steal commercial secrets from their clients.
    * The Reuters report revealed the compromised companies list that included Hewlett Packard Enterprise, IBM, Fujitsu, Tata Consultancy Services, NTT Data, Dimension Data, Computer Sciences Corporation, and DXC Technology.
  • Hacker steals $4.5 million from Bitrue cryptocurrency exchange

    Source: ZDNet
    By: Catalin Cimpanu
    Published: June 27, 2019
    * Hackers stole $4.25 million worth of Ripple coins and $225,000 worth of Cardano coins.
    * Per Bitrue's statement, administrators detected the hack and immediately shut down trading on their platform, putting the site in maintenance mode while they investigated what was happening.
  • NIST Updates SP 800-171 To Enhance DoD Contractor Security Against Cyber Attack

    Source: JDSupra
    By: Susan Ebner
    Published: June 26, 2019
    * Cybersecurity continues to be an imperative for the protection ofthe Department of Defense (DoD) and its contractors' supply chain.
    * On June 19, 2019, the National Institute of Standards andTechnology (NIST) issued two draft updates to its Special Publication800-171, "Protecting Controlled Unclassified Information in NonfederalSystems and Organizations" (NIST SP 800-171) to invigorate securitycontrols aimed at protecting entities in this supply chain.
  • Recent Hacks And Scams That Could Threaten Your Cybersecurity

    Source: MondaqBy: Karen Andersen
    Published: June 10, 2019
    - This brief is intended to help you make sense of the ever-changing world of cybersecurity so you can avoid similar scenarios.
  • Emuparadise gaming emulator website suffers data breach

    Source: ZDNet
    By: Charlie Osborne
    Published: June 10, 2019
    - Retro gaming website Emuparadise has been involved in a data breach leading to the exposure of 1.1 million user accounts. - The security incident took place on April 1, 2018, but has only recently emerged after information from impacted user accounts was provided to HaveIBeenPwned by dehashed.com.
  • Cathay Pacific Faulted For Data Breach, But Hackers' Objective Unclear

    Source: Forbes
    By: Will Horton
    Published: June 6, 2019
    * It is aviation's largest known data breach, with 9.4 millionCathay Pacific passengers impacted, but also puzzling, gathering only 430credit card numbers, mostly expired and none complete.
    * Cathay says it has not received any reports of data being misusedor listed on the 'dark web.'
    * Cathay was unequivocally faulted by Hong Kong's PrivacyCommissioner in a report released Thursday that identified twocontraventions of law, low regard to data privacy and taking seven monthsto disclose the 2018 breach.
  • A new cyber attack which can mimic a user's personalised keystroke

    Source: SciTech Europa
    By: FNU LNU
    Published: June 6, 2019
    * Ben-Gurion University of the Negev (BGU) cybersecurityresearchers have developed a new cyber attack which can mimic a user'spersonalised keystroke characteristics.
    * The cyber attack, called Malboard, evades several detectionproducts because they are designed to continuously verify the identity ofuser based on personalised keystroke characteristics.

San Diego Cyber Incident Response Guide

Learn more about San Diego’s region-wide cyber incident response guide and available local, state and federal resources.

San Diego Cyber Incident Response Guide October 2017