Shannon Flynn writes: Imagine that you open your email to find a notice that you’ve been part of a data breach. The message says you’re entitled to a settlement payout as part of a class-action lawsuit. What do you do next? With cyber crime as rampant as it is today, this scenario is a reality…
Category: Commentaries and Analyses
Japan’s Supreme Court rules cryptojacking scripts are not malware
Laura Dobberstein reports: A man found guilty of using the Coinhive cryptojacking script to mine Monero on users’ PCs while they browsed the web has been cleared by Japan’s Supreme Court on the grounds that crypto mining software is not malware. Tokyo High Court ruled against the defendant, 34-year-old Seiya Moroi, on charges of keeping…
WordPress plugin flaw puts users of 20,000 sites at phishing risk
Bill Toulas reports: The WordPress WP HTML Mail plugin, installed in over 20,000 sites, is vulnerable to a high-severity flaw that can lead to code injection and the distribution of convincing phishing emails. ‘WP HTML Mail’ is a plugin used for designing custom emails, contact form notifications, and generally tailored messages that online platforms send…
A data breach that put 688,000 patients at risk just became … even worse
Q: What’s worse than a really bad data breach involving patient and employee data? A: A really bad data breach where the data gets leaked on the internet for everyone to grab for free. In June 2021, DataBreaches.net reached out to Sea Mar Community Health Centers in Washington to alert them to what appeared to…
Unhappy New Year for cybercriminals as VPNLab.net goes offline
Do threat actors feel like walls are closing in on them? They might well be feeling that way — or maybe they should be feeling that way. From Europol, today: This week, law enforcement authorities took action against the criminal misuse of VPN services as they targeted the users and infrastructure of VPNLab.net. The VPN…
Earth Lusca Hackers Aimed at High-Value Targets in Government and Private Sectors
Ravie Lakshmanan reports: An elusive threat actor called Earth Lusca has been observed striking organizations across the world as part of what appears to be simultaneously an espionage campaign and an attempt to reap monetary profits. “The list of its victims includes high-value targets such as government and educational institutions, religious movements, pro-democracy and human rights organizations…