Jan Vermeulen reports: South African Nespresso distributor Top Coffee has sent a notice to clients informing them that their names, phone numbers, and email addresses may have been leaked. According to the notice, the personal information may have been temporarily exposed through a third-party supplier. The distributor doesn’t believe that any customer financial information was…
Author: Dissent
Cloudflare, CrowdStrike, and Ping Identity Join Forces to Strengthen U.S. Cybersecurity in Light Of Increased Cyber Threats
They deserve good press for this — here’s their full press release from today: Cloudflare, CrowdStrike, and Ping Identity Join Forces to Strengthen U.S. Cybersecurity in Light Of Increased Cyber Threats The Critical Infrastructure Defense Project will provide comprehensive, no-cost cyber protections for U.S. hospitals and water and power utilities SAN FRANCISCO — March…
Long delay before Cybersecurity NSW notified of Accellion hack
Anton Nilsson reports: NSW agencies may have delayed reporting a massive cyber attack to authorities for nearly a month, officials revealed on Monday. The breach of a software known as Accellion in December 2020 affected businesses and agencies worldwide, including Transport for NSW which had sensitive information stolen and posted on the dark web. Cybersecurity NSW…
OH: Hilliard City Schools evaluating protocols after releasing 4,200 names of students in public-information request
A. Kevin Corvo reports: Hilliard City Schools leaders are reviewing protocols related to public-information requests after learning Feb. 27 the district released the identity of students who were subject to disciplinary measures. “This was a mistake (and) we need to be better. … Steps are being taken to ensure that it won’t happen again,” Superintendent David…
Adafruit discloses data leak from ex-employee’s GitHub repo
Ax Sharma reports: Adafruit has disclosed a data leak that occurred due to a publicly-viewable GitHub repository. The company suspects this could have allowed “unauthorized access” to information about certain users on or before 2019. Based in New York City, Adafruit is a producer of open-source hardware components since 2005. The company designs, manufactures, and sells electronics…
Malware now using stolen NVIDIA code signing certificates
Lawrence Abrams reports: Threat actors are using stolen NVIDIA code signing certificates to sign malware to appear trustworthy and allow malicious drivers to be loaded in Windows. […] After Lapsus$ leaked NVIDIA’s code-signing certificates, security researchers quickly found that the certificates were being used to sign malware and other tools used by threat actors. According to samples…