Catalin Cimpanu reports: A mysterious threat actor has compromised the update mechanism of enterprise password manager application Passwordstate and deployed malware on its users’ devices, most of which are enterprise customers. Click Studios, the Australian software firm behind Passwordstate, has notified its 29,000 customers earlier today via email. Read more on The Record.
Category: Of Note
Maine brothers sue Northern Light for sharing their info with Blackbaud
Judy Harrison reports on a lawsuit stemming from the Blackbaud ransomware incident in 2020 that has been covered previously on this site. Two brothers from Holden have sued Northern Light Health over a data breach last May that left them vulnerable to identity theft and affected more than 650,000 people. The complaint, filed Tuesday in…
Supreme Court holds that monetary relief is unavailable under Section 13(b) of the Federal Trade Commission Act
Brian Wolfman notes: The first paragraph of the Court’s unanimous opinion in AMG Capital Management v. FTC sums it up: Section 13(b) of the Federal Trade Commission Act authorizes the Commission to obtain, “in proper cases,” a “permanent injunction” in federal court against “any person, partnership, or corporation” that it believes “is violating, or is about to…
Ca: Court approves data breach settlements with BMO, CIBC
James Langton reports: An Ontario court has approved proposed class action settlements with Bank of Montreal (BMO) and CIBC over cybersecurity breaches involving thousands of clients. The Superior Court of Justice endorsed settlements and distribution plans designed to resolve lawsuits against the banks stemming from a data theft that affected more than 10,000 clients of…
Logins for 1.3 million Windows RDP servers collected from hacker market
Lawrence Abrams reports: The login names and passwords for 1.3 million current and historically compromised Windows Remote Desktop servers have been leaked by UAS, the largest hacker marketplace for stolen RDP credentials. With this massive leak of compromised remote access credentials, researchers, for the first time, get a glimpse into a bustling cybercrime economy and…
Chinese military seen behind Japan cyberattacks
Kyodo and Bloomberg News report: China’s military is thought to have instructed a hacker group to conduct cyberattacks on nearly 200 companies and research institutes in Japan, including the Japan Aerospace Exploration Agency, investigative sources said Tuesday. Tokyo police referred a Chinese man, who is a member of the Chinese Communist Party, to prosecutors Tuesday…