Catalin Cimpanu reports: GrowDiaries, an online community where marijuana growers can blog about their plants and interact with other farmers, has suffered a security breach in September this year. The breach occurred after the company left two Kibana apps exposed on the internet without administrative passwords. Read more on ZDNet. h/t, @Chum1ng0
Another k-12 district reports a data breach
This time, it’s Columbus City Schools in Ohio, who report that on May 1, they learned that an employee’s email account had been compromised. Their subsequent investigation resulted in them notifying an undisclosed number of people that their name and social security number had been in the employee’s email account. You can read the October…
23,600 hacked databases have leaked from a defunct ‘data breach index’ site
Catalin Cimpanu reports: More than 23,000 hacked databases have been made available for download on several hacking forums and Telegram channels in what threat intel analysts are calling the biggest leak of its kind. The database collection is said to have originated from Cit0Day.in, a private service advertised on hacking forums to other cybercriminals. Read…
June retrial date set for ex-CIA engineer in leak case
The Associated Press reports: The retrial of a former CIA software engineer charged with leaking secrets to WikiLeaks in an espionage case will begin June 7, a judge said Wednesday. U.S. District Judge Paul A. Crotty set the date for Joshua Schulte over the objections of a defense lawyer who said it would be impossible…
New RegretLocker ransomware targets Windows virtual machines
Lawrence Abrams reports: A new ransomware called RegretLocker uses a variety of advanced features that allows it to encrypt virtual hard drives and close open files for encryption. RegretLocker was discovered in October and is a simple ransomware in terms of appearance as it does not contain a long-winded ransom note and uses email for communication…
Hospital, Patients Seek Ransomware Attack Settlement Approval
Mary Anne Pazanowski reports: Saint Francis Healthcare System and the representatives of a class of over 90,000 patients is asking a federal court to approve the final settlement of a lawsuit growing out of a 2019 ransomware attack on a computer network that disrupted medical services and exposed patient records to unlawful access. Read more…