Marco A. De Felice of SuspectFile (aka @amvinfe) reports that BankCard USA (BUSA) recently paid the Black Basta ransomware group $50,000 ransom. But if BUSA hoped to keep the breach and payment out of the public eye, they should sit down before they read SuspectFile’s reporting, because it is going to make them sad. BankCard…
The Chattanooga Heart Institute to notify 170,450 about March “data security incident”
In May, DataBreaches dutifully noted The Chattanooga Heart Institute (CHI) on our non-public worksheets. At the time, all we knew was that Karakurt threat actors had claimed to have attacked them and to have exfiltrated 158 GB of data. There was no proof of claim offered, but Karakurt wrote: Employees and patients’ private data will…
Arizona man who extorted Georgia Tech sentenced to prison
ATLANTA, July 27 – Ronald Bell has been sentenced to two years and nine months in prison for extorting Georgia Tech. Bell recruited a security guard to falsely claim that the guard witnessed an assault by its basketball coach in exchange for part of the extortion payout he expected to receive from the university. “Ronald…
CISA Advisory: Preventing Web Application Access Control Abuse
Release Date: July 27, 2023 Alert Code: AA23-208A SUMMARY The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), U.S. Cybersecurity and Infrastructure Security Agency (CISA), and U.S. National Security Agency (NSA) are releasing this joint Cybersecurity Advisory to warn vendors, designers, and developers of web applications and organizations using web applications about insecure direct object…
Hobbs has questions about data breach that exposed ESA student info
Gloria Rebecca Gomez reports: A data breach exposed the personal information of thousands of Arizona students enrolled in the state’s school voucher program, according to Gov. Katie Hobbs, but the state’s top education official says it’s not a problem. Earlier this month, ClassWallet, the online financial administration platform that handles payments for Arizona’s Empowerment Scholarship…
Smartphone Vulnerability That Could Expose User Location to Hackers Found by Researchers
Jace Dela Cruz A recent discovery by a PhD student of Northeastern University has revealed a potential vulnerability in text messaging that could expose smartphone users’ location to hackers. PhD student in cybersecurity at Northeastern Evangelos Bitsikas and his research group employed a sophisticated machine-learning program to analyze data from the traditional SMS system, which…