Jonathan Greig reports on another vulnerability affecting file transfer software that has been exploited soon after disclosure. In this case, though, there’s some contentious statements about responsible disclosure or lack thereof. Federal cybersecurity officials as well as incident responders at cyber companies say hackers are exploiting a vulnerability within the popular file transfer tool Crush….
MrBeast sues former employee for stealing confidential files and installing hidden cameras in company offices
Yet another reminder of the insider threat. As seen in The Express Tribune: YouTube superstar Jimmy “MrBeast” Donaldson has filed a lawsuit against former employee Leroy Nabors, alleging theft of confidential company data and unauthorized surveillance. As reported by Dexerto, the legal complaint accuses Nabors of misappropriating trade secrets, breaching his employment contract, and secretly recording…
Fall River schools chief: No insurance for cyberattack; says computer system remains down
Dan Medeiros and Emily Scherny report: The city’s public school computers will be down for the rest of the week after a cybersecurity attack infiltrated the district’s internal system — and a solution may cost the School Department out of pocket. At a joint meeting of the School Committee and City Council on Tuesday afternoon, Superintendent Tracy…
2024 Year in Review: Data Breach Litigation
Seen at Wilmer Hale: One of the main risks for a company in the event of a data breach is the threat of litigation. Data breach litigation continued to proliferate in 2024, as it has in prior years. In the past year, plaintiffs continued to seek relief following data breaches under state common-law doctrines, and…
E-ZPass toll payment texts return in massive phishing wave
Bill Toulas reports: An ongoing phishing campaign impersonating E-ZPass and other toll agencies has surged recently, with recipients receiving multiple iMessage and SMS texts to steal personal and credit card information. The messages embed links that, if clicked, take the victim to a phishing site impersonating E-ZPass, The Toll Roads, FasTrak, Florida Turnpike, or another toll authority…
When the victimizers become the victims…. RansomHub the victim of a takeover?
In February, RansomHub was described as the leading Ransomware-as-a-Service group and as a pervasive threat to critical sectors. Weeks later, Trend Micro analyzed SocGholish’s MaaS framework and its role in deploying RansomHub ransomware. RansomHub was clearly developing and making a significant impact in the ransomware ecosystem. But in the blink of an eye, it seemed,…