LATEST POST
NY DFS Issues New Cybersecurity Guidance to Address Risks Associated with the Use of Third-Party Service Providers
Given how many breaches are at third-party service providers this year, guidance on dealing with vendors with an eye towards cybersecurity seems timely. October 21, 2025 New York State Department of Financial Services (DFS) Acting Superintendent Kaitlin Asrow today issued new cybersecurity guidance addressing the risks associated with entities becoming increasingly reliant on third-party service […]
Before Their Telegram Channel Was Banned Again, ScatteredLAPSUS$Hunters Dropped Files Doxing Government Employees
DataBreaches.net reports: On October 16 and 17, the ScatteredLAPSUS$Hunters Telegram channel repeatedly violated Telegram’s TOS by leaking personal information on people — and in this case, information on employees of the Department of Justice (DOJ/FBI), U.S. Attorneys Office (DOJ/USAO), the Department of Homeland Security (DHS), and the Federal Aviation Authority (FAA). … The .csv file […]
Russian hackers ‘steal HUNDREDS of U.K. Ministry of Defence files and leak them to dark web’ in ‘catastrophic’ attack
The Sun reports: RUSSIAN cybercriminals have stolen hundreds of military documents and posted them on the dark web in a ‘catastrophic’ hack. The security breach compromised eight RAF and Royal Navy bases as well as emails and names of Ministry of Defence staff, as reported in The Mail on Sunday. The breach has been labelled ‘catastrophic’ and the MoD are investigating the […]
Hackers Blast Pro-Hamas, Anti-Trump Messages Through Four Airport PA Systems
The Daily Beast reports: Four airports across the U.S. and Canada were hacked to display a series of pro-Hamas and anti-Trump messages, causing flights to be delayed. Videos posted by passengers at Harrisburg International Airport in Pennsylvania showed loudspeakers blasting pro-Palestinian messages in Arabic while flight information screens broadcast messages reading “Israel lost the war, […]
CISA warns of ‘significant’ threat to federal networks after nation-state hackers stole F5 source code, undisclosed bug info
The Record reports: The federal government has issued an emergency directive ordering all civilian agencies to update products from F5 after the security company said a nation-state actor had long-term persistent access to source code and information about undisclosed vulnerabilities during a breach discovered in August. The Cybersecurity and Infrastructure Security Agency (CISA) said it “has identified […]
Capita given record £14 million fine over ransomware attack security failings
The Record reports: Capita, the United Kingdom’s largest outsourcing company, was on Wednesday fined £14 million ($18.7 million) over security failings that saw attackers compromise the personal information of 6.6 million people in a ransomware attack in 2023. The voluntary settlement is for less than a third of the £45 million ($60 million) Britain’s data […]
F5 Networks reports nation-state cyberattack on product systems
This is not an incident involving personally identifiable information or protected health information. It involves source code and information about product vulnerabilities. Street Insider reports: F5 Networks (NASDAQ: FFIV) disclosed that a nation-state threat actor gained unauthorized access to certain company systems on August 9, 2025, according to a company statement. The network security company said […]
John Bolton Indictment Provides Interesting Details About Hack of His AOL Account and Extortion Attempt
Kim Zetter writes: The investigation into former national security advisor John Bolton’s handling of classified material stemmed in part from an admission Bolton made to the FBI in July 2021 that hackers – believed to be from Iran – had breached his private AOL email account and tried to extort him over classified information contained […]