Catalin Cimpanu reports: A spammer has flooded the forum of the Babuk ransomware group with gay orgy porn GIFs after the Babuk gang failed to pay a $5,000 ransom demand the threat actor made on Friday. While initially, the Babuk gang derided the extortion attempt and deleted the spammer’s initial post, hundreds of forum...
Megha Gupta reports: On July 23, a hacker group claimed that they have got access to over 3.8 billion phone numbers from Clubhouse servers. The claim posted on a hackers’ forum alleging the leak states that the list of numbers contains cellphone, fixed, private, and professional numbers. The information about the claim was shared...
The following is all machine translation of a notice from CERT-RO (Romania) SRI, in cooperation with CERT-RO and the Clinical Hospital No.1 CF Witting in Bucharest, recently investigated a cyber attack with the ransomware application PHOBOS, which targeted the entity’s servers in the field of health. Following the encryption of the data, the attackers...
WKRG reports an update to a ransomware attack on Mobile County that was previously reported in June after SuspectFile broke the story of Grief’s attack and claims. As previously addressed in statements published by Mobile-area media, Mobile County recently discovered suspicious activity related to some of its computer systems. We immediately shut down and...
Convenience Store Chain Can’t Shield Investigative Report on Data Breach From Discovery, Judge Rules
We often hear of firms having their counsel running incident response and contracting of forensics, etc., so that any reports would be protected by work product doctrine as well as attorney-client privilege. But if the attorney doesn’t word the contract carefully, any report may not be covered by the doctrine. We saw that in...
Travis Gettys reports: More than 1,000 people — including Republican leaders and conservative media personalities — have already signed up for the pro-Donald Trump cryptocurrency magacoin. Poor security on a website associated with the cryptocurrency exposed users’ personal information, including passwords and IP addresses, and revealed that the vast majority of the magacoin produced...
Stephen Delahunty reports: A data breach at the National Lottery Community Fund has left more than six years of contact and bank details exposed to fraudulent behaviour. The grant-giver has apologised after data provided to it between September 2013 and December 2019 by UK Portfolio, England funding and Building Better Opportunities customers was breached....
When, if ever, will there be actual consequences for school districts that still do not practice basic security hygiene? Comptroller DiNapoli has released yet another k-12 district IT audit where the are results so bad that they won’t make them public. From the state’s summary: Audit Objective Determine whether Mount Pleasant Central School District...
Michael Pavitt reports: Login identification and passwords of some Tokyo 2020 Olympic and Paralympic Games ticketholders has reportedly been leaked online. Japanese news agency Kyodo quoted an unnamed Government official, who said the Tokyo 2020 Organising Committee had launched an investigation into the issue. Read more on InsideTheGames.
Education Industry at Higher Risk for IT Security Issues Due to Lack of Remote and Hybrid Work Policies