Tim Starks, with research by Aaron Schaffer, writes: In February, alleged Russian government hackers launched an attack on U.S. satellite company Viasat, disabling communications in Ukraine just before the invasion in what amounted to perhaps the most prominent hack of space equipment ever. The incident helped fuel a flurry of activity in Washington, from federal…
Category: Commentaries and Analyses
Ransom payments fall as fewer victims choose to pay hackers
Bill Toulas reports: Ransomware statistics from the second quarter of the year show that the ransoms paid to extortionists have dropped in value, a trend that continues since the last quarter of 2021. Ransomware remediation firm Coveware has published a report today with ransomware data from the second quarter of 2022 showing that although the…
Growing risk to Indonesian citizens’ privacy as breaches and leaks appear on marketplaces
On July 22, DataBreaches reported on some recent breaches affecting Thai citizens and residents. In researching that post, DataBreaches was struck by the number of listings or offerings of data from ASEAN countries. In this post, DataBreaches provides a partial listing of some recent leaks or breaches affecting Indonesian citizens and residents. In general, the…
Responsible disclosure: DIVD describes a “long and windy road” notifying a Chinese firm
Some of you will recall that on a few occasions, DataBreaches has collaborated with Dutch researcher Jelle Ursem (aka @SchizoDuckie) to report on entities in the medical sector who were leaking their login credentials in GitHub repositories (see “No Need to Hack When It’s Leaking” and “Good Luck Explaining to HHS Why Your PHI is…
Atlassian: Confluence hardcoded password was leaked, patch now!
Sergiu Gatlan reports: Australian software firm Atlassian warned customers to immediately patch a critical vulnerability that provides remote attackers with hardcoded credentials to log into unpatched Confluence Server and Data Center servers. As the company revealed this week, the Questions for Confluence app (installed on over 8,000 servers) creates a disabledsystemuser account with a hardcoded password to help admins…
Seventh Circuit Affirms Dismissal Of Class Claims Based Upon Speculative Hacking Risk
Benjamin Cain of Covington and Burling writes: Late last week, the Seventh Circuit affirmed a trial court’s ruling granting dismissal at summary judgment of claims against FCA US LLC (“FCA,” formerly known as Chrysler) and Harman International Industries, Inc. (“Harman”) for lack of Article III standing. See Flynn v. FCA US LLC, — F. 4th —-,…