Here’s a reminder that sometimes, criminals lie. Yes, we know you may not really need that reminder, and sometimes criminals tell the truth and organizations lie or wordsmith, but in today’s news, The Register reports:
A digital burglar is claiming to have nabbed a trove of “highly sensitive” data from Check Point – something the American-Israeli security biz claims is a huge exaggeration.
A cybercrime forum user going by the name CoreInjection advertised “a highly sensitive dataset” allegedly comprised of Check Point files on Sunday evening. They claimed this contained internal network maps and architectural diagrams, user credentials (including hashed and plaintext passwords), employee contact information, and proprietary source code.
Screenshots shared in the post appear to show CoreInjection inside a Check Point admin Infinity (security management) portal, supposedly granting themselves the ability to change users’ two-factor authentication settings.
Read more at The Register.
