LATEST POST
Hacking group leaks Fortinet users’ details on dark web
Details from more than 15,000 devices exposed If you use Fortinet, Computing.co.uk has information that you need to know: Hackers calling themselves Belsen Group have leaked details of users of Fortinet firewalls on the dark web. Researcher Kevin Beaumont, who has reviewed the data dump, says he believes it to be genuine, since devices in […]
Justice Department and FBI Conduct International Operation to Delete Malware Used by China-Backed Hackers
Court-Authorized Operation Removes PlugX Malware from Over 4,200 Infected U.S. Computers Note: View the affidavit here. The Justice Department and FBI today announced a multi-month law enforcement operation that, alongside international partners, deleted “PlugX” malware from thousands of infected computers worldwide. As described in court documents unsealed in the Eastern District of Pennsylvania, a group of […]
Attorney General Ken Paxton Sues Allstate and Arity for Unlawfully Collecting, Using, and Selling Over 45 Million Americans’ Driving Data to Insurance Companies
A January 13, 2025 press release from Texas Attorney General Ken Paxton: Texas Attorney General Ken Paxton sued Allstate and its subsidiary, Arity (“Allstate”), for unlawfully collecting, using, and selling data about the location and movement of Texans’ cell phones through secretly embedded software in mobile apps, such as Life360. Allstate and other insurers then […]
UK government plans to prohibit government and public sector entities from paying ransomware demands
Governments have routinely urged ransomware victims not to pay ransom demands, as it only encourages them to attack even more victims. Now the UK government may prohibit government and public sector entities from paying. LBC reports: Security minister Dan Jarvis told LBC: “We want these cyber criminals who operate from Russia and elsewhere to look […]
Robinhood to Pay $45 Million SEC Settlement Over Data Breach, Other Violations
WSJ reports: Two brokerage units of Robinhood Markets agreed to pay $45 million to settle an investigation by the Securities and Exchange Commission into a range of alleged violations, including one stemming from a 2021 data breach that exposed millions of customer names and emails. The settlement is the latest in a string of big […]
Gravy Analytics breach of location data puts millions of us at risk
As previously reported, a hacker claimed to have acquired a massive amount of data from Gravy Analytics. A sample of the data, confirmed by 404Media, was posted on a Russian-language forum by a user called “Nightly,” with a threat that if payment was not made, all of the data would be leaked. That post was […]
Researcher Uncovers AWS S3 Ransomware Vulnerabilities
As if there weren’t enough concerns with misconfigured Amazon AWS s3 buckets exposing data, now we read this: Security researchers at Rhino Security Labs have uncovered a concerning vulnerability in Amazon Web Services (AWS) S3 storage systems that could allow attackers to execute ransomware attacks against cloud-stored data. The research demonstrates how attackers can encrypt S3 bucket […]
FAQs for Schools and Persons Affected By the PowerSchool Data Breach
Joseph Lazzarotti of the Jackson Lewis law firm has some helpful advice for schools affected by the PowerSchool breach. Here are a few snippets: State breach notification laws generally place the obligation to notify affected persons and others on the owner of the personal information compromised in the breach, not the service provider that had […]