Following up on a somewhat atypical strategy to monetize an alleged attack on Tipalti, AlphV updated their leak site post today. It now reads: We are systematically reaching out to affected clients of Tipalti, the first batch (consisting of organizations with the most data exfiltrated), have been sent communications requesting initial contact. We will immediately…
Research: Privacy as Pretense: Empirically Mapping the Gap Between Legislative & Judicial Protections of Privacy
Abstract While many statutes recognize that violations of privacy cause harm—and some even provide for private rights of action to enforce privacy rights—scholars have speculated that the judicial doctrine of Article III standing could create a procedural hurdle to remedying privacy harms. This empirical study maps the extent of that hurdle by investigating the data…
What it means — CitrixBleed ransomware group woes grow as over 60 credit unions, hospitals, financial services and more breached in US.
Kevin Beaumont writes: How CitrixBleed vulnerablity in Netscale has become the cybersecurity challenge of 2023. Credit union technology firm Trellance owns Ongoing Operations LLC, and provides a platform called Fedcomp — used by double digit number of other credit unions across the United States. This Fedcomp platform was not patched for CitrixBleed, as no Netscaler…
On September 2nd, the U.S. branch of Great Star Industrial Co. disbursed a ransom of 1 million dollars to a ransomware group
Over at SuspectFile, Marco A. De Felice writes: We are in the early days of last September when the American division of the Chinese multinational Hangzhou Great Star Industrial Co., Ltd (Great Star), in order to avoid the publication of administrative and company secrets documents, decided to negotiate with the Akira ransomware group and pay…
Former Public School Information Technology Manager Charged with Damaging School’s Computer Network
From the U.S. Attorney’s Office in Massachusetts on November 29: BOSTON – An Ayer man was charged today and agreed to plead guilty in connection with a June 2023 cyberattack targeting the computer network of his former employer, an Essex County public high school. Conor LaHiff, 30, was charged in an Information with one count…
Sellafield nuclear site hacked by groups linked to Russia and China (1)
Anna Isaac and Alex Lawson report: The UK’s most hazardous nuclear site, Sellafield, has been hacked into by cyber groups closely linked to Russia and China, the Guardian can reveal. The astonishing disclosure and its potential effects have been consistently covered up by senior staff at the vast nuclear waste and decommissioning site, the investigation…