Security News

Des Moines Public Schools, Iowa's largest school district, confirmed today that a ransomware attack was behind an incident that forced it to take all networked systems offline on January 9, 2023. While the school district also received a ransom demand following the attack from an unnamed ransomware group, the ransom has not been paid.

Indiana, Iowa, and Tennessee all passed state privacy laws, bringing the total number of states with a privacy law up to eight. No private right of action in any of those, which means it's up to the states to enforce the laws.

Des Moines Public Schools, the largest school district in Iowa, canceled all classes on Tuesday after taking all networked systems offline in response to "Unusual activity" detected on its network one day before. "Because many technology tools that support both classroom learning as well as the management and operation of the school district are not available at this time, the prudent decision is to close the district for the day."

A ransomware group believed to be the latest incarnation of the infamous DarkSide cybergang is being blamed for taking out a farmers' cooperative online network, with extortionists demanding $5.9 million in ransom. The group BlackMatter is credited for the attack on an Iowa collective of farmers called NEW Cooperative.

The records of roughly 500,000 patients of an eye clinic with locations throughout Iowa may have been stolen as part of a ransomware attack on the business earlier this year. Wolfe Eye Clinic said Tuesday its computer network was attacked on Feb. 8 by hackers who demanded a ransom to unlock access to its systems, but the company didn't pay the hackers.

The pair were performing a routine penetration test at the Dallas County courthouse at night when they tripped an alarm, were collared by deputies, and, ultimately, charged with felony trespassing - a crime that can lead to up to seven years behind bars. Part of the problem, the two professional attackers told the Black Hat online conference today, was the imprecise terms of the penetration tests Coalfire was hired to perform at the request of the US state of Iowa.

The pair were performing a routine penetration test at the Dallas County courthouse at night when they tripped an alarm, were collared by deputies, and, ultimately, charged with felony trespassing - a crime that can lead to up to seven years behind bars. Part of the problem, the two professional attackers told the Black Hat online conference today, was the imprecise terms of the penetration tests Coalfire was hired to perform at the request of the US state of Iowa.

The latest edition of the ISMG Security Report offers an analysis of the missteps that led to problems with the app used in this week's Democratic presidential caucuses in Iowa. Also featured:...

The Iowa Democratic Party did not train volunteers on how to use the 2020 caucus app from tech company Shadow, but that was not the only problem with the process. Here is a postmortem from software developers and business leaders on what went wrong with the rollout of the Iowa caucus app.

Apparently the app was deployed through mobile testing platforms, not the App Store or the Play Store. SEE: Iowa caucus app fiasco: How it happened and lessons learned.