Breach Guide

Learn the steps to take in the event of a data breach and stay current on the cyber threat landscape with the FTC’s Data Breach Resources, FBI’s Daily Digest Library and San Diego’s Cyber Incident Response Guide.

Federal Trade Commission (FTC) Data Breach Resources

Find out the steps to take as a business or consumer if you experience a data breach.

ftc-gov

FBI Cyber Daily Digest Library

Stay current on the global threat landscape with the FBI’s daily circulation of published data breaches and articles.

  • Cloud Hopper hits several tech firms in Spyware attack

    Source: CISO Magazine
    By: FNU LNU
    Published: June 27, 2019
    * Security researchers stated that a global hacking campaign backed by China's Ministry of State Security broke into various technology service providers to steal commercial secrets from their clients.
    * The Reuters report revealed the compromised companies list that included Hewlett Packard Enterprise, IBM, Fujitsu, Tata Consultancy Services, NTT Data, Dimension Data, Computer Sciences Corporation, and DXC Technology.
  • Hacker steals $4.5 million from Bitrue cryptocurrency exchange

    Source: ZDNet
    By: Catalin Cimpanu
    Published: June 27, 2019
    * Hackers stole $4.25 million worth of Ripple coins and $225,000 worth of Cardano coins.
    * Per Bitrue's statement, administrators detected the hack and immediately shut down trading on their platform, putting the site in maintenance mode while they investigated what was happening.
  • NIST Updates SP 800-171 To Enhance DoD Contractor Security Against Cyber Attack

    Source: JDSupra
    By: Susan Ebner
    Published: June 26, 2019
    * Cybersecurity continues to be an imperative for the protection ofthe Department of Defense (DoD) and its contractors' supply chain.
    * On June 19, 2019, the National Institute of Standards andTechnology (NIST) issued two draft updates to its Special Publication800-171, "Protecting Controlled Unclassified Information in NonfederalSystems and Organizations" (NIST SP 800-171) to invigorate securitycontrols aimed at protecting entities in this supply chain.
  • Recent Hacks And Scams That Could Threaten Your Cybersecurity

    Source: MondaqBy: Karen Andersen
    Published: June 10, 2019
    - This brief is intended to help you make sense of the ever-changing world of cybersecurity so you can avoid similar scenarios.
  • Emuparadise gaming emulator website suffers data breach

    Source: ZDNet
    By: Charlie Osborne
    Published: June 10, 2019
    - Retro gaming website Emuparadise has been involved in a data breach leading to the exposure of 1.1 million user accounts. - The security incident took place on April 1, 2018, but has only recently emerged after information from impacted user accounts was provided to HaveIBeenPwned by dehashed.com.
  • Cathay Pacific Faulted For Data Breach, But Hackers' Objective Unclear

    Source: Forbes
    By: Will Horton
    Published: June 6, 2019
    * It is aviation's largest known data breach, with 9.4 millionCathay Pacific passengers impacted, but also puzzling, gathering only 430credit card numbers, mostly expired and none complete.
    * Cathay says it has not received any reports of data being misusedor listed on the 'dark web.'
    * Cathay was unequivocally faulted by Hong Kong's PrivacyCommissioner in a report released Thursday that identified twocontraventions of law, low regard to data privacy and taking seven monthsto disclose the 2018 breach.
  • A new cyber attack which can mimic a user's personalised keystroke

    Source: SciTech Europa
    By: FNU LNU
    Published: June 6, 2019
    * Ben-Gurion University of the Negev (BGU) cybersecurityresearchers have developed a new cyber attack which can mimic a user'spersonalised keystroke characteristics.
    * The cyber attack, called Malboard, evades several detectionproducts because they are designed to continuously verify the identity ofuser based on personalised keystroke characteristics.
  • Report: No 'Eternal Blue' Exploit Found in Baltimore City Ransomware

    Source: KrebsOnSecurity
    By: Krebs
    Published: June 3, 2019
    * For almost the past month, key computer systems serving thegovernment of Baltimore, Md. have been held hostage by a ransomware strainknown as 'Robbinhood.'
    * new analysis suggests that while Eternal Blue could have beenused to spread the infection, the Robbinhood malware itself contains notraces of it.
  • Security awareness training for executives keeps whaling at bay

    Source: SearchSecurity
    By: Alissa Irei
    Published: June 2019
    * Security awareness training for executives teaches anenterprise's biggest fish to recognize potential whaling attacks -- beforethey take the bait.
    * If Captain Ahab were a modern cybercriminal, his Moby Dick mightwell be an enterprise CEO. In a type of focused phishing attack calledwhaling, hackers target high-level end users through individually tailoredcampaigns designed to trick their marks into surrendering access,information or both.

San Diego Cyber Incident Response Guide

Learn more about San Diego’s region-wide cyber incident response guide and available local, state and federal resources.

San Diego Cyber Incident Response Guide October 2017