Patrick Donahue and Jake Rudnitsky report: A hacker group linked to the Russian state known as “Fancy Bear” conducted a cyber attack on critical German infrastructure and the country’s banking system in the past few days, Bild newspaper reported, citing unidentified Western intelligence sources. A spokesman for Germany’s BSI Federal Cyber Security Authority said the agency has…
Indian tech startup exposed Byju’s student data
Zach Whittaker reports: India-based technology startup Salesken.ai has secured an exposed server that was spilling private and sensitive data on one of its customers, Byju’s, an education technology giant and India’s most valuable startup. The server was left unprotected since at least June 14, according to historical data provided by Shodan, a search engine for exposed…
Hackers use zero-day to mass-wipe My Book Live devices
Lawrence Abrams reports that preliminary reports attributing a mass-wipe to a CVE from 2018 were not quite the whole story. Western Digital had originally told BleepingComputer that the attacks were being conducted through a 2018 vulnerability tracked as CVE-2018-18472, which was not fixed as the device has been out of support since 2015. It turns out that…
Bucks County behavioral health and substance abuse nonprofit struck in cyberattack, urges clients to check their information
Anthony Salamone reports: The records of an unspecified number of clients of an Upper Bucks County behavioral-health and substance abuse nonprofit, which serves the Lehigh Valley, might have been stolen as part of a ransomware attack on the agency earlier this year. Penn Foundation in West Rockhill Township said it informed clients Tuesday of the…
New charges filed against Capital One hacker, trial postponed to 2022
Catalin Cimpanu reports: The US government has filed a superseding indictment against Paige A. Thompson, a former Amazon engineer accused of hacking Capital One and stealing the personal data of more than 100 million Americans. According to court documents filed earlier this month and obtained by The Record, the US Department of Justice has added seven new charges…
Morningstar data breach reveals KPMG deal maker lists
Liam Walsh and Edmund Tadros report: A software glitch has exposed the key companies garnering the interest of big four advisory group KPMG’s deal makers and restructuring experts. The flaw in an alert system, run by US financial research firm Morningstar, for ASX-listed companies meant third parties could even view project names KPMG had assigned. That included…