Tag: data-breach
-
HHS Slaps Warby Parker With $1.5M Penalty Over Data Breach
First seen on scworld.com Jump to article: www.scworld.com/brief/hhs-slaps-warby-parker-with-1-5m-penalty-over-data-breach
-
House Dems say DOGE is leaving publicly exposed entry points into government systems
A letter from a trio of lawmakers says the group has “left multiple government agencies vulnerable to cyberattacks” from foreign entities. First seen on cyberscoop.com Jump to article: cyberscoop.com/house-dems-say-doge-is-leaving-publicly-exposed-entry-points-into-government-systems/
-
Background check, drug testing provider DISA suffers data breach
DISA Global Solutions, a Texas-based company that provides employment screening services (including drug and alcohol testing and background checks) for over 55,000 … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/25/background-check-drug-testing-provider-disa-suffers-data-breach/
-
US drug testing firm DISA says data breach impacts 3.3 million people
DISA Global Solutions, a leading US background screening and drug and alcohol testing firm, has suffered a data breach impacting 3.3 million people. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-drug-testing-firm-disa-says-data-breach-impacts-33-million-people/
-
US drug testing firm says data breach impacted 3.3 million people
DISA Global Solutions, a leading US background screening and drug and alcohol testing firm, has suffered a data breach impacting 3.3 million people. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/disa-global-says-data-breach-impacted-33-million-people/
-
Background check and drug testing provider DISA Global Solutions reports data breach
Houston-based employee screening company DISA Global Solutions says a 2024 data breach exposed the information of more than 3.3 million people. First seen on therecord.media Jump to article: therecord.media/background-check-company-disa-data-breach
-
Southern Water takes the fifth over alleged $750K Black Basta ransom offer
Leaked chats and spilled secrets as AI helps decode circa 200K private talks First seen on theregister.com Jump to article: www.theregister.com/2025/02/25/southern_water_black_basta_leak/
-
Warby Parker slapped with $1.5M penalty over data breach
First seen on scworld.com Jump to article: www.scworld.com/brief/warby-parker-slapped-with-1-5m-penalty-over-data-breach
-
Chinese cybersecurity firm’s involvement in surveillance, censorship exposed by data leak
First seen on scworld.com Jump to article: www.scworld.com/brief/chinese-cybersecurity-firms-involvement-in-surveillance-censorship-exposed-by-data-leak
-
Leaked Black Basta Chats Expose Ransomware Secrets Infighting
Leaked Black Basta chat logs expose ransomware secrets, key members, and internal conflicts, revealing new insights into cybercrime operations. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/cybersecurity/black-basta-ransomware-leak-chat-logs/
-
What defenders are learning from Black Basta’s leaked chat logs
The ransomware syndicate’s internal chats exposed a wide swath of the group’s inner workings. First seen on cyberscoop.com Jump to article: cyberscoop.com/black-basta-internal-chat-leak/
-
Smart Bed Security Flaw Lets Hackers Access Other Network Devices
Tags: access, backdoor, credentials, cyber, data-breach, flaw, hacker, Internet, iot, network, service, vulnerabilityA security researcher has uncovered critical vulnerabilities in Eight Sleep’s internet-connected smart beds, revealing exposed Amazon Web Services (AWS) credentials, remote SSH backdoors, and potential access to users’ entire home networks. The findings underscore growing concerns about IoT device security as consumers increasingly adopt connected appliances for everyday use. Researcher Discovers AWS Keys and Remote…
-
Leaked Black Basta chat logs reveal the gang’s operations
Leaked Black Basta chat logs reveal internal conflicts, exposing member details and hacking tools as the gang reportedly falls apart. An unknown actor, named ExploitWhispers, leaked Matrix chat logs of the Black Basta ransomware gang revealing internal conflicts, and exposing member details and hacking tools as the gang reportedly collapses. ExploitWhispers first uploaded the chat…
-
LockBit Ransomware Strikes: Exploiting a Confluence Vulnerability
Tags: attack, cvss, cyber, data-breach, exploit, lockbit, malicious, ransomware, remote-code-execution, vulnerability, windowsIn a swift and highly coordinated attack, LockBit ransomware operators exploited a critical remote code execution vulnerability (CVE-2023-22527) in Atlassian Confluence servers, targeting an exposed Windows server. This vulnerability, rated CVSS 10.0, enabled unauthenticated attackers to execute arbitrary commands by injecting malicious Object-Graph Navigation Language (OGNL) expressions into improperly sanitized template files. The attack commenced…
-
Leaked chat logs expose inner workings of secretive ransomware group
Researchers are poring over the data and feeding it into ChatGPT. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/02/leaked-chat-logs-expose-inner-workings-of-secretive-ransomware-group/
-
Change Healthcare’s Mega Attack: 1 Year Later
Ransomware Attack Taught Lessons on Health Sector Resiliency, Vendor Redundancy. It’s been one year since hackers attacked IT services provider Change Healthcare, quickly shutting down critical processes for thousands healthcare entities, triggering a data breach affecting 190 million people. So what top lessons are emerging from that massive disruption and data compromise? First seen on…
-
Purported Black Basta internal communications exposed
First seen on scworld.com Jump to article: www.scworld.com/brief/purported-black-basta-internal-communications-exposed
-
Leaked Files Tie Chinese Cybersecurity Firm to Government Censorship
TopSec data leak: 7000+ documents expose potential Chinese government surveillance and censorship practices. Learn about the key findings… First seen on hackread.com Jump to article: hackread.com/leaked-files-chinese-cybersecurity-firm-govt-censorship/
-
Leaked Black Basta Chat Logs Show Banality of Ransomware
‘He Is an Idiot,’ Dissatisfied Hacker Writes of Boss. Two hundred thousand internal chat messages from the Russian ransomware group Black Basta have been leaked online, supposedly in reprisal for the operation targeting Russian banks. The partial logs, spanning 13 months, detail negotiations with victims, ransoms paid, internal disagreements and more. First seen on govinfosecurity.com…
-
A huge trove of leaked Black Basta chat logs expose the ransomware gang’s key members and victims
A leaker allegedly published the leaked internal messages after the group allegedly targeted Russian banks First seen on techcrunch.com Jump to article: techcrunch.com/2025/02/21/a-huge-trove-of-leaked-black-basta-chat-logs-expose-the-ransomware-gangs-key-members-and-victims/
-
In Other News: Black Basta Chats Leaked, New SEC Cyber Unit, DOGE Site Hacked
Noteworthy stories that might have slipped under the radar: Black Basta ransomware chat logs leaked, SEC launches new cyber unit, DOGE website hacked. The post In Other News: Black Basta Chats Leaked, New SEC Cyber Unit, DOGE Site Hacked appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/in-other-news-black-basta-chats-leaked-new-sec-cyber-unit-doge-site-hacked/
-
Critical Vulnerability in Fluent Bit Exposes Cloud Services to Potential Cyber Attacks
Tags: attack, cloud, computing, cve, cvss, cyber, data-breach, flaw, infrastructure, metric, service, tool, vulnerabilityA critical security flaw in Fluent Bit, a widely adopted log processing and metrics collection tool part of the Cloud Native Computing Foundation (CNCF), has exposed enterprise cloud infrastructures to denial-of-service (DoS) attacks. Designated as CVE-2024-50608 and CVE-2024-50609, these vulnerabilities”, scoring 8.9 on the CVSS v3.1 severity scale”, stem from improper handling of HTTP headers…
-
Black Basta is latest ransomware group to be hit by leak of chat logs
Cybersecurity researchers are analyzing about 200,000 messages from inside the high-profile Black Basta ransomware operation that were leaked recently. First seen on therecord.media Jump to article: therecord.media/black-basta-ransomware-group-chat-logs-leaked
-
BlackBasta Ransomware Chatlogs Leaked Online
BlackBasta’s internal chatlogs are “highly useful from a threat intelligence perspective,” said Prodaft, the firm that revealed the leak First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/blackbasta-ransomware-chatlogs/
-
IBM OpenPages Flaw Exposed Authentication Credentials to Attackers
Tags: access, authentication, compliance, credentials, cve, cyber, data-breach, exploit, flaw, governance, ibm, risk, tool, vulnerabilityIBM recently disclosed multiple vulnerabilities in its OpenPages platform, a tool widely used for governance, risk, and compliance management. These vulnerabilities, if exploited, could allow attackers to access sensitive information, disrupt critical processes, or compromise authentication credentials. Below are the details of the most critical issues identified. Vulnerabilities Details: CVE-2024-45613: Cross-Site Scripting (XSS) in CKEditor…
-
AWS Key Hunter: An Automated Solution for Exposed Key Detection
AWS Key Hunter, a cutting-edge automated solution designed to identify exposed AWS keys in GitHub repositories. This powerful tool combines real-time monitoring, advanced scanning capabilities, and a seamless notification system to help developers and organizations protect sensitive cloud credentials from falling into the wrong hands. What is AWS Key Hunter? AWS Key Hunter is an…
-
Check out this free automated tool that hunts for exposed AWS secrets in public repos
You can find out if your GitHub codebase is leaking keys … but so can miscreants First seen on theregister.com Jump to article: www.theregister.com/2025/02/19/automated_tool_scans_public_repos/
-
Data breach notifications commenced by Finastra
First seen on scworld.com Jump to article: www.scworld.com/brief/data-breach-notifications-commenced-by-finastra