Lawrence Abrams reports: A threat actor has leaked a list of almost 500,000 Fortinet VPN login names and passwords that were allegedly scraped from exploitable devices last summer. While the threat actor states that the exploited Fortinet vulnerability has since been patched, they claim that many VPN credentials are still valid. Read more on BleepingComputer.
Three people arrested in connection with identity theft of Surfside condo victims
Kay Jones, Steve Almasy, and Rebekah Riess report: Three people have been arrested in South Florida and accused of identity theft of victims of the Surfside condo collapse, a top prosecutor said Wednesday. There were seven victims in this case, five of whom are deceased, Miami-Dade State Attorney Katherine Fernandez Rundle said at a news conference….
Mass data leak after Bar Ilan University refuses to pay hacker $2.5m
After an attack on Bar Ilan University in Israel, it appears that the university refused to pay ransom, and threat actors have dumped some data and may be offering more for sale. The Times of Israel reports: Hundreds of thousands of documents and lists containing personal details of students and lecturers at Bar Ilan University…
United Nations’ Computers Breached by Hackers Earlier This Year – Resecurity
William Turton and Kartikay Mehrotra of Bloommberg report: Hackers breached the United Nations’ computer networks earlier this year and made off with a trove of data that could be used to target agencies within the intergovernmental organization. The hackers’ method for gaining access to the UN network appears to be unsophisticated: They likely got in…
Data Breach Lawsuit Against Sonic Will Proceed
Sarah Coble reports: Litigation filed against American fast-food chain Sonic over a 2017 data breach has been allowed to proceed. Financial institutions brought a lawsuit against Sonic Corp after it emerged that financial data belonging to customers of the restaurant had been stolen in a cyber-attack. The attacker(s) installed malware on a point-of-sale system used at hundreds of Sonic franchises. Read…
Br: Hackers take part of Anvisa’s website off the air and replace it with Argentina’s flag
Abhishek Pratap reports: The official website of the National Health Surveillance Agency (Anvisa) was targeted by hackers. The invaders took the Traveler’s Health Declaration form off the air and replaced it with the Argentine flag. The action was considered by the agency as a retaliation for the suspension of the match between Brazil and Argentina….