In a new listing by AvosLocker, the threat actors leak personal information that can make employees’ lives difficult for years to come. In their leak site listing for California Northstate University, AvosLocker claims: We have Student admissions data include Name, Social Security Number, Date Of Birth, Address, Email, Telephone. All College employees W-2 include in…
GAO Report: Cybersecurity High-Risk Series: Challenges in Protecting Privacy and Sensitive Data
GAO-23-106443 Published: Feb 14, 2023. Fast Facts: Federal systems are vulnerable to cyberattacks. Our High Risk report identified 10 critical actions for addressing federal cybersecurity challenges. In this report, the last in a series of four, we cover the 2 actions related to Protecting Privacy and Sensitive Data: Improve federal efforts to protect privacy and sensitive data, such…
Airline SAS network hit by hackers, says app was compromised
Marie Mannes reports: Scandinavian airline SAS said it was hit by a cyber attack Tuesday evening and urged customers to refrain from using its app but later said it had fixed the problem. News reports said the hack paralysed the carrier’s website and leaked customer information from its app. Read more at Reuters.
Cloudflare thwarts largest reported HTTP DDoS attack
Waqas reports: Cloudflare stated that it had managed to mitigate multiple “hyper-volumetric” DDoS attacks that originated from more than 30,000 IP addresses. According to a recent blog post by Cloudflare, a vendor specializing in DDoS attack mitigation, its customers were targeted by a series of volumetric DDoS (Distributed Denial of Service) attacks over the past weekend. These…
Healthcare giant CHS reports first data breach in GoAnywhere hacks
Sergiu Gatlan has more on a claimed zero-day attack on Fortra’s GoAnywhere file transfer software. The attack, which Clop claimed responsibility for, has been linked to at least one confirmed victim, Community Health Systems, as first reported by DataBreaches.net. Gatlan reports that Fortra (formerly known as HelpSystems) disclosed to its customers last week that a new vulnerability (CVE-2023-0669)…
Royal Mail refused to pay ‘absurd’ LockBit ransom, chat logs say
Carly Page reports: The LockBit ransomware gang has published what it claims is the full transcript of its negotiations with Royal Mail, which continues to experience disruption due to last month’s cyberattack. The chat logs negotiating the ransom is the first data that LockBit has published following the cyberattack on Royal Mail, which left the British postal service…