Zack Whittaker reports: A security lapse at insurance technology startup BackNine exposed hundreds of thousands of insurance applications after one of its cloud servers was left unprotected on the internet. BackNine might be a company you’re not familiar with, but it might have processed your personal information if you applied for insurance in the past…
TX: Thousands of employees and dependents of Whitehouse ISD just had their data dumped on the dark web
School districts continue to be low-hanging fruit for threat actors. While Grief threat actors hacked and then dumped data from Clover Park School District in Washington, Booneville School District in Mississippi, and Lancaster ISD in Texas, Vice Society hacked and then dumped data from Whitehouse ISD, also in Texas. On June 28, DataBreaches.net emailed Whitehouse…
D-Box Technologies hit by ransomware that affected most of its systems
D-BOX announces that the Corporation was subject to a ransomware cyberattack on its information technology systems. The malware used to perform the attack encrypted electronic data stored on the Corporation’s network so it cannot be read or used. The attack took place after the close of business on July 12, 2021 and was detected on…
Fr: Ransomware attack on spa is anything but relaxing
On July 9, the Royatonic spa in France suffered a ransomware attack. A notice on their web site informs people that as of July 12, the spa had to close because a cyberattack blocked access to their server and paralyzed all their activity. COMPUTER PROBLEM Royatonic regrets to close its doors on Monday July 12th….
Dutch ethical hackers on a mission to fix the internet
AFP has a nice piece on Victor Gevers and the Dutch Institute for Vulnerability Disclosure. No, DIVD are not new kids on the block. They have been around for years, quietly and responsibly disclosing vulnerabilities, which is why some of us were appalled — and furious — when Victor was falsely accused of lying about…
Microsoft, Google, Citizen Lab blow lid off zero-day bug-exploiting spyware sold to governments
Iain Thomson reports: Software patches from Microsoft this week closed two vulnerabilities exploited by spyware said to have been sold to governments by Israeli developer Candiru. On Thursday, Citizen Lab released a report fingering Candiru as the maker of the espionage toolkit, an outfit Microsoft code-named Sourgum. It is understood the spyware, code-named DevilsTongue by Microsoft, exploited…