RawStory reports: A Department of Homeland Security whistleblower has released the identities of about 4,500 ICE and Border Patrol employees Tuesday in what has been called potentially the largest agency data breach for the department. The killing of 37-year-old mother Renee Nicole Good by ICE agent Jonathan Ross last week in Minneapolis has prompted the leak of personnel date […]
As seen on HackRead: Resecurity, which shared its research with Hackread.com, found that the leaked file contains information on 323,986 users, including their “metadata extracted from MySQL DB,” which is basically a digital footprint that could help identify the people behind the screens. The database was published on shinyhunte.rs, a site that has previously hosted stolen […]
The Register reports: Meta has fixed a flaw in its Instagram service that allowed third parties to generate password reset emails, but denied the problem led to theft of users’ personal information. Last Friday, security software vendor Malwarebytes claimed “Cybercriminals stole the sensitive information of 17.5 million Instagram accounts, including usernames, physical addresses, phone numbers, email addresses, […]
Fox News reports: Cybercriminals have found a clever new way to get phishing emails straight into inboxes. Instead of spoofing brands, they are abusing real cloud tools that people already trust. Security researchers say attackers recently hijacked a legitimate email feature inside Google Cloud. The result was thousands of phishing messages that looked and felt like […]
BleepingComputer reports: A threat actor known as Zestix has been offering to sell corporate data stolen from dozens of companies likely after breaching their ShareFile, Nextcloud, and OwnCloud instances. According to cybercrime intelligence company Hudson Rock, initial access may have been obtained through credentials collected by info-stealing malware such as RedLine, Lumma, and Vidar deployed on employee devices. […]
KnowTechie reports: Two former cybersecurity professionals have admitted they were secretly running ransomware attacks on the side. According to an announcement this week from the US Department of Justice, Ryan Goldberg, 40, and Kevin Martin, 36, pleaded guilty to orchestrating a string of ransomware attacks in 2023 that netted them about $1.2 million in Bitcoin. Here’s the […]
SecurityWeek provides an update on the Coupang breach: Coupang, the South Korean ecommerce giant listed in the US (NYSE: CPNG), on Monday announced plans to spend 1.685 trillion won (~$1.17 billion) in compensation over a recent data breach. The incident, the company said in early December, was discovered on November 18, and involved unauthorized access […]
News19 reports: Nearly a quarter of a million residents in South Carolina may have had their data exposed in a breach that occurred months earlier, according to state records. A data breach notice provided to the South Carolina Department of Consumer Affairs (SCDCA) by Prosper Marketplace Inc. on Dec. 11 stated that the company learned […]
BleepingComputer reports: A hacker claims to have breached Condé Nast and leaked an alleged WIRED database containing more than 2.3 million subscriber records, while also warning that they plan to release up to 40 million additional records for other Condé Nast properties. On December 20, a threat actor using the name “Lovely” leaked the database […]
The Register reports: The US says it has shut down a platform used by cybercriminals to break into Americans’ bank accounts. A law enforcement splash page now appears when trying to reach web3adspanels.org, which supported SEO poisoning campaigns designed to steal people’s bank account credentials. Criminals would pay for prime slots in search engine results, […]
