LATEST POST
Cybersecurity Information Sharing Act of 2015 Allowed to Sunset
From Covington and Burling’s Inside Privacy blog: The Cybersecurity Information Sharing Act of 2015 (“CISA 2015”), which provided protections for sharing cybersecurity threat information with the federal government and others, officially sunset on September 30, 2025 pursuant to the law’s original sunset date after efforts to re-authorize it did not succeed. The law created a cybersecurity information […]
Ransomware variant poses heightened risk to hospitals
Becker’s Health IT reports: The Health Information Sharing and Analysis Center, a nonprofit organization that works to share threat intelligence, issued an alert Oct. 1 regarding LockBit 5.0, a ransomware variant that represents an elevated risk to healthcare and other enterprises. The variant is the latest iteration of the ransomware-as-a-service group, which resurfaced in September after a […]
Renault Informs Customers of Supply Chain Data Breach
Infosecurity Magazine reports: Read more at Infosecurity Magazine.
Red Hat Confirms GitLab Instance Hack, Data Theft
Security Week reports: Red Hat on Thursday confirmed that one of its GitLab instances was hacked after a threat actor claimed to have stolen sensitive data belonging to the company and its customers. It was initially reported that the hackers had targeted a GitHub instance, but the enterprise software giant clarified that it was actually […]
ParkMobile pays… $1 each for 2021 data breach that hit 22 million
Bleeping Computer reports: ParkMobile has finally wrapped up a class action lawsuit over the platform’s 2021 data breach that hit 22 million users. But there’s a catch: victims are receiving compensation in the form of a $1 in-app credit, which they must claim manually. And, it comes with an expiration date. In-app $0.25 credit can be […]
Scattered Lapsus$ Hunters Returns With Salesforce Leak Site
DarkReading reports: After announcing its farewell last month, the cyber extortion group known as Scattered Lapsus$ Hunters returned on Friday with a website featuring stolen Salesforce data and a list of dozens of alleged victims. Scattered Lapsus$ Hunters is an apparent combination of the Scattered Spider, Lapsus$, and ShinyHunters cybercriminal groups, which first emerged over the summer […]
Oracle customers being bombarded with emails claiming widespread data theft
CyberScoop reports: Attackers appearing to be aligned with the Clop ransomware group have sent emails to Oracle customers seeking extortion payments, claiming they stole data from the tech giant’s E-Business Suite, according to researchers who spoke with CyberScoop. Researchers haven’t confirmed the veracity of Clop’s claimed data theft, but multiple investigations into Oracle environments belonging […]
Discord customer service data breach leaks user info and scanned photo IDs
The Verge reports: One of Discord’s third-party customer service providers was compromised by an “unauthorized party,” the company says. The unauthorized party gained access to “information from a limited number of users who had contacted Discord through our Customer Support and/or Trust & Safety teams” and aimed to “extort a financial ransom from Discord.” The unauthorized […]