DataBreaches recently reported that researchers had discovered two courts had sealed filings and court records exposed, but the vendor responsible wasn’t responding to notifications. Despite months of trying to get a software vendor to respond to alerts that their clients’ files are exposed on the internet — including confidential and sealed court records — the…
Category: Commentaries and Analyses
Legal Aid Agency chief admits difficulties understanding impact of cyberattack
Jim Dunton reports: The chief executive of the Legal Aid Agency has told MPs that the organisation is still working out the extent of a cyberattack that was uncovered back in the spring. Jane Harbottle told members of parliament’s Public Accounts Committee that a team of analysts is still exploring how much of the compromised…
The 4TB time bomb: when EY’s cloud went public (and what it taught us)
Today’s episode of “No need to hack when it’s leaking” is brought to us by Neo Security. In the course of their research and scanning, they came across a 4 TB SQL backup. As Neo Security explains: An SQL Server BAK file is a complete database backup. It contains everything: the schema, all the data,…
Some lower-tier ransomware gangs have formed a new RaaS alliance — or have they? (1)
Calling all of the groups ‘lower-tier’ may have been inaccurate. Please be sure to read the update at the bottom of this post. We’ve seen a few announcements this year heralding cartels or alliances in the ransomware ecosystem. Two such announcements involved DragonForce, but as SuspectFile reported, there was no evidence of a cartel, and…
Uncovering Qilin attack methods exposed through multiple cases
Takahiro Takeda, Jordyn Dunk, James Nutland, Michael Szeliga of Talos write: In the second half of 2025, the ransomware group Qilin has continued to publish victim information on its leak site at a pace of more than 40 cases per month, making it one of the most impactful ransomware groups worldwide. The manufacturing sector has…
Predatory Sparrow Strikes: Coordinated Cyberattacks Seek to Cripple Iran’s Critical Infrastructure
Mayura Kathir reports: A sophisticated cyber-sabotage group known as Predatory Sparrow has emerged as one of the most destructive threat actors targeting Iranian critical infrastructure over the past several years. Unlike traditional cybercriminal operations focused on financial gain, this group executes highly disruptive campaigns designed to cripple essential services, destroy sensitive data, and send provocative…