LATEST POST
Researcher Uncovers AWS S3 Ransomware Vulnerabilities
As if there weren’t enough concerns with misconfigured Amazon AWS s3 buckets exposing data, now we read this: Security researchers at Rhino Security Labs have uncovered a concerning vulnerability in Amazon Web Services (AWS) S3 storage systems that could allow attackers to execute ransomware attacks against cloud-stored data. The research demonstrates how attackers can encrypt S3 bucket […]
FAQs for Schools and Persons Affected By the PowerSchool Data Breach
Joseph Lazzarotti of the Jackson Lewis law firm has some helpful advice for schools affected by the PowerSchool breach. Here are a few snippets: State breach notification laws generally place the obligation to notify affected persons and others on the owner of the personal information compromised in the breach, not the service provider that had […]
Critical Warning For 100 Million Apple Users—New Hack Attack Confirmed
Forbes reports that some new research suggests that 100 million macOS users are at risk from a new attack involving a Banshee Stealer variant: A new variant of the macOS Banshee Stealer threat, capable of hacking browser credentials, cryptocurrency wallets and other sensitive data, has been monitored by security researchers since late last year. Now those […]
Japan links Chinese hacker MirrorFace to dozens of cyberattacks targeting security and tech data
The Associated Press reports: Japan on Wednesday linked more than 200 cyberattacks over the past five years targeting the country’s national security and high technology data to a Chinese hacking group, MirrorFace, detailing their tactics and calling on government agencies and businesses to reinforce preventive measures. The National Police Agency said its analysis on the […]
PowerSchool Sued Over December Breach of Student, Teacher Data
24 hours. That’s the gap between PowerSchool’s disclosure of a hacking incident affecting teacher and student data and the filing of the first potential class-action lawsuit. Bloomberg Law reports on three potential class-action lawsuits that were filed on January 8th and 9th against the provider of cloud-based education software for K-12 schools: The complaints bring […]
RIBridges has many lines of defense. How was the system breached?
This article by Alexander Castro originally appeared in Rhode Island Current on January 10, 2025 and is republished here under Creative Commons License. Rhode Island’s online public benefits system appears to be a fortress with many defenses, including 15 different kinds of security and monitoring software, state documentation shows. Despite those shields, a glut of […]
Hackers Claim Massive Breach of Location Data Giant, Threaten to Leak Data
Last month, the Federal Trade Commission announced that it was taking action against Gravy Analytics Inc. and its subsidiary Venntel Inc. for unlawfully tracking and selling sensitive location data from users, including selling data about consumers’ visits to health-related locations and places of worship. Under a proposed order, Gravy Analytics and Venntel will be prohibited from […]
Russian ISP confirms Ukrainian hackers “destroyed” its network
Bleeping Computer reports: Ukrainian hacktivists, part of the Ukrainian Cyber Alliance group, announced on Tuesday they had breached Russian internet service provider Nodex’s network and wiped hacked systems after stealing sensitive documents. “The Russian internet provider Nodex in St. Petersburg was completely looted and wiped. Data exfiltrated, while the empty equipment without backups was left […]