Marco A. De Felice (aka @amvinfe) had a bird’s eye view of negotiations between a Brazilian credit recovery and financial solutions firm and the Hive ransomware team. He also got to track the victim’s payment over wallets. Reading his partial transcript from the negotiations, the victim quickly went from an offer of $50k — an…
Category: Business Sector
LastPass’s August incident contributed to a new incident
There’s an update to the LastPass security incident they disclosed in August. LastPass had released its findings from that incident in a September update, posted on their site. But now there’s another a new disclosure involving an incident facilitated by the August incident. LastPass’s CEO, Karim Toubba, writes: We recently detected unusual activity within a third-party…
Ireland’s Data Protection Commission announces decision in Facebook “Data Scraping” Inquiry
Press release: The Data Protection Commission (DPC) has today announced the conclusion to an inquiry into Meta Platforms Ireland Limited (MPIL), data controller of the “Facebook” social media network, imposing a fine of €265 million and a range of corrective measures. The DPC commenced this inquiry on 14 April 2021, on foot of media reports…
5.4 million Twitter users’ stolen data leaked online — more shared privately
Lawrence Abrams reports: Over 5.4 million Twitter user records containing non-public information stolen using an API vulnerability fixed in January have been shared for free on a hacker forum. Another massive, potentially more significant, data dump of millions of Twitter records has also been disclosed by a security researcher, demonstrating how widely abused this bug…
WhatsApp dismisses report of alleged data leak containing phone numbers of nearly 3 million Hongkongers
Danny Mok reports: WhatsApp on Sunday dismissed a media report claiming that a database containing the mobile phone numbers of nearly 500 million users, including almost 3 million from Hong Kong, was leaked and put up for sale, saying it had found no evidence of a data breach. The article by Cybernews, a research-based online publication,…
Russian Hackers Target Dutch LNG Terminal
Alex Kimani reports: Russian hackers have been doing “exploratory research” into the systems of the Dutch LNG terminals, trying to find ways into the systems, American cyber security company Dragos has reported. According to Dragos’ Casey Brooks, hacker groups Xenotime and Kamacite have been poking at the digital systems of Gasunie’s LNG terminal in Eemshaven in Rotterdam. The FBI has…