LATEST POST
Blue Yonder investigating Clop gang’s threat linked to exploited Cleo CVEs
The Cl0p gang that previously successfully attacked file transfer software platforms by exploiting zero-day vulnerabilities is now starting to leak data from yet another campaign targeting file transfer software. This time, it’s CLEO. Cybersecurity Dive reports: Blue Yonder said it is investigating a threat after Clop listed the supply chain management company among nearly 60 […]
Hacking group leaks Fortinet users’ details on dark web
Details from more than 15,000 devices exposed If you use Fortinet, Computing.co.uk has information that you need to know: Hackers calling themselves Belsen Group have leaked details of users of Fortinet firewalls on the dark web. Researcher Kevin Beaumont, who has reviewed the data dump, says he believes it to be genuine, since devices in […]
Justice Department and FBI Conduct International Operation to Delete Malware Used by China-Backed Hackers
Court-Authorized Operation Removes PlugX Malware from Over 4,200 Infected U.S. Computers Note: View the affidavit here. The Justice Department and FBI today announced a multi-month law enforcement operation that, alongside international partners, deleted “PlugX” malware from thousands of infected computers worldwide. As described in court documents unsealed in the Eastern District of Pennsylvania, a group of […]
Attorney General Ken Paxton Sues Allstate and Arity for Unlawfully Collecting, Using, and Selling Over 45 Million Americans’ Driving Data to Insurance Companies
A January 13, 2025 press release from Texas Attorney General Ken Paxton: Texas Attorney General Ken Paxton sued Allstate and its subsidiary, Arity (“Allstate”), for unlawfully collecting, using, and selling data about the location and movement of Texans’ cell phones through secretly embedded software in mobile apps, such as Life360. Allstate and other insurers then […]
UK government plans to prohibit government and public sector entities from paying ransomware demands
Governments have routinely urged ransomware victims not to pay ransom demands, as it only encourages them to attack even more victims. Now the UK government may prohibit government and public sector entities from paying. LBC reports: Security minister Dan Jarvis told LBC: “We want these cyber criminals who operate from Russia and elsewhere to look […]
Robinhood to Pay $45 Million SEC Settlement Over Data Breach, Other Violations
WSJ reports: Two brokerage units of Robinhood Markets agreed to pay $45 million to settle an investigation by the Securities and Exchange Commission into a range of alleged violations, including one stemming from a 2021 data breach that exposed millions of customer names and emails. The settlement is the latest in a string of big […]
Gravy Analytics breach of location data puts millions of us at risk
As previously reported, a hacker claimed to have acquired a massive amount of data from Gravy Analytics. A sample of the data, confirmed by 404Media, was posted on a Russian-language forum by a user called “Nightly,” with a threat that if payment was not made, all of the data would be leaked. That post was […]
Ransomware criminals lie to us. Can we lie to them?
Some ransomware gangs demand millions of dollars in ransom or even tens of millions of dollars. Even smaller businesses, non-profit organizations, and public school districts have increasingly become victims of cyberattacks because they are easy targets with poor defenses against attackers. Do you want your system unlocked? Do you want your data back or deleted […]