Today’s reminder to “Tell the truth, or someone will tell it for you,” courtesy of Kevin Beaumont: Oracle have finally issued to a written notification to customers about their cybersecurity incident. They are again wordsmithing. OCI is a different org unit in Oracle to Oracle Classic – they’re denying a different scope. Kevin also commented:…
CISA, experts warn of Crush file transfer attacks after a controversial disclosure
Jonathan Greig reports on another vulnerability affecting file transfer software that has been exploited soon after disclosure. In this case, though, there’s some contentious statements about responsible disclosure or lack thereof. Federal cybersecurity officials as well as incident responders at cyber companies say hackers are exploiting a vulnerability within the popular file transfer tool Crush….
MrBeast sues former employee for stealing confidential files and installing hidden cameras in company offices
Yet another reminder of the insider threat. As seen in The Express Tribune: YouTube superstar Jimmy “MrBeast” Donaldson has filed a lawsuit against former employee Leroy Nabors, alleging theft of confidential company data and unauthorized surveillance. As reported by Dexerto, the legal complaint accuses Nabors of misappropriating trade secrets, breaching his employment contract, and secretly recording…
Fall River schools chief: No insurance for cyberattack; says computer system remains down
Dan Medeiros and Emily Scherny report: The city’s public school computers will be down for the rest of the week after a cybersecurity attack infiltrated the district’s internal system — and a solution may cost the School Department out of pocket. At a joint meeting of the School Committee and City Council on Tuesday afternoon, Superintendent Tracy…
2024 Year in Review: Data Breach Litigation
Seen at Wilmer Hale: One of the main risks for a company in the event of a data breach is the threat of litigation. Data breach litigation continued to proliferate in 2024, as it has in prior years. In the past year, plaintiffs continued to seek relief following data breaches under state common-law doctrines, and…
E-ZPass toll payment texts return in massive phishing wave
Bill Toulas reports: An ongoing phishing campaign impersonating E-ZPass and other toll agencies has surged recently, with recipients receiving multiple iMessage and SMS texts to steal personal and credit card information. The messages embed links that, if clicked, take the victim to a phishing site impersonating E-ZPass, The Toll Roads, FasTrak, Florida Turnpike, or another toll authority…