I’m not sure if you need to be a threat analyst, a drama critic, or a bit of both these days. But Yelisey Boguslavskiy & Anastasia Sentsova of AdvIntel dive in to some of the recent goings on: On September 7, 2021, a representative of the newly-formed Groove ransomware syndicate decided to share their insights…
McDonald’s email blunder broadcasts database creds to comedy competition winners
Gareth Corfield reports: McDonald’s customers who won a prize draw competition got more than they hoped for after the burger chain emailed them login credentials for development and production databases used to power the campaign. The first person to report the blunder to McDonald’s, startup founder Connor Greig, told The Register: “It’s a bit weird,” adding…
SC: Dorchester County Government Notice of February Security Incident
DORCHESTER COUNTY, S.C., Sept. 9, 2021 /PRNewswire/ — Dorchester County Government (“Dorchester“) announced today a phishing incident involving email accounts within its email environment. The phishing incident resulted in unauthorized access to certain information collected and maintained by the County for a variety of reasons, including names, addresses, email addresses, dates of birth, Social Security numbers, driver’s…
Za: Justice Department victim of latest security breach
First it was South Africa’s Space Agency that was attacked. Now it’s their justice department. Dan Meyer reports: The Department of Justice and Constitutional Development has confirmed that it has become the victim of a malicious cyber security hack, with all electronic services provided by the Department – including the issuing of letters of authority,…
SANSA breach: International hacker group claims responsibility for Space Agency leak
Storm Simpson reports: A new internet hacking group has claimed responsibility for a data breach at the South African National Space Agency (SANSA). The group, CoomingProject, emerged recently and according to claims made on its website, it has a list of victims across the world. Read more on The South African. SANSA confirmed the breach…
Hackers leak passwords for 500,000 Fortinet VPN accounts
Lawrence Abrams reports: A threat actor has leaked a list of almost 500,000 Fortinet VPN login names and passwords that were allegedly scraped from exploitable devices last summer. While the threat actor states that the exploited Fortinet vulnerability has since been patched, they claim that many VPN credentials are still valid. Read more on BleepingComputer.