Lucas Ropek reports: Not long after Elon Musk took over Twitter and started doing a whole lot of crazy stuff to the platform, the microblogging app Hive Social saw a huge spike in users. Apparently fed up with Elon’s shit, a bunch of people had decided to try out alternative social media sites—and Hive was one of them. Launched back in…
ConnectWise Quietly Patches Flaw That Helps Phishers
Brian Krebs reports: ConnectWise, which offers a self-hosted, remote desktop software application that is widely used by Managed Service Providers (MSPs), is warning about an unusually sophisticated phishing attack that can let attackers take remote control over user systems when recipients click the included link. The warning comes just weeks after the company quietly patched…
Nl: Forum voor Democratie data leak leaves 93,000 members and former members exposed
Dutch News reports: An IT failure in the app launched last weekend by far right party Forum voor Democratie has placed the names, addresses and bank account numbers of all 93,000 current and past party members in the public domain, broadcaster RTL has reported, following a tip-off. Read more at DutchNews.nl. As Professor Frederik Zuiderveen…
Darknet markets generate millions in revenue selling stolen personal data
Christian Jordan Howell and David Maimon report: …. This trafficking of stolen data between producers, wholesalers, and consumers is enabled by darknet markets, which are websites that resemble ordinary e-commerce websites but are accessible only using special browsers or authorization codes. We found several thousand vendors selling tens of thousands of stolen data products on 30 darknet…
Florida state tax website bug exposed filers’ data
Zack Whittaker reports: A security flaw on the Florida Department of Revenue website exposed at least hundreds of taxpayers’ Social Security numbers and bank account numbers, a security researcher found. Kamran Mohsin said the security flaw — now fixed — allowed him, or anyone else who was logged in to the state’s business tax registration website,…
‘We weren’t ready’ — Inside St. Michael Medical Center during October cyberattack outages
Nathan Pilling reports: In early October, a fresh batch of troubles arrived at St. Michael Medical Center. They would first be linked to an “IT security incident.” It would eventually be acknowledged by the hospital’s parent organization, CommonSpirit Health – one of the largest nonprofit health care systems in the country – that the group…