Man arrested for alleged data breach SMS scam
A Sydney man, 19, has been charged for allegedly attempting to misuse stolen Optus customer data in a text message blackmail scam.
Vice Society: a discreet but steady double extortion ransomware group
Vice Society is a little-known double extortion group that exfiltrates its victims' data and threatens its victims to leak their information.
'I can fight with a keyboard': How one Ukrainian IT specialist exposed a notorious Russian ransomware gang
As Russian artillery began raining down on his homeland last month, one Ukrainian computer researcher decided to fight back the best way he knew how -- by sabotaging one of the most formidable ransomware gangs in Russia.
Costa Rica declares national emergency after Conti ransomware attacks
The Costa Rican President Rodrigo Chaves has declared a national emergency following cyber attacks from Conti ransomware group on multiple government bodies. BleepingComputer also observed Conti published most of the 672 GB dump that appears to contain data belonging to the Costa Rican government agencies. The declaration was signed into law by Chaves on Sunday, May 8th, same day as the economist and former Minister of Finance effectively became the country's 49th and current president.
Lapsus$ hackers leak 37GB of Microsoft's alleged source code
The Lapsus$ hacking group claims to have leaked the source code for Bing, Cortana, and other projects stolen from Microsoft's internal Azure DevOps server.
Aquarium Leaks. Inside the GRU’s Psychological Warfare Program
In this exclusive and groundbreaking report, Free Russia Foundation has translated and published five documents from the GRU, Russia’s military intelligence agency. The documents, obtained and analyzed by Free Russia Foundation’s Director of Special Investigations Michael Weiss, details the...
Man arrested for alleged data breach SMS scam
A Sydney man, 19, has been charged for allegedly attempting to misuse stolen Optus customer data in a text message blackmail scam.
Vice Society: a discreet but steady double extortion ransomware group
Vice Society is a little-known double extortion group that exfiltrates its victims' data and threatens its victims to leak their information.
'I can fight with a keyboard': How one Ukrainian IT specialist exposed a notorious Russian ransomware gang
As Russian artillery began raining down on his homeland last month, one Ukrainian computer researcher decided to fight back the best way he knew how -- by sabotaging one of the most formidable ransomware gangs in Russia.
Costa Rica declares national emergency after Conti ransomware attacks
The Costa Rican President Rodrigo Chaves has declared a national emergency following cyber attacks from Conti ransomware group on multiple government bodies. BleepingComputer also observed Conti published most of the 672 GB dump that appears to contain data belonging to the Costa Rican government agencies. The declaration was signed into law by Chaves on Sunday, May 8th, same day as the economist and former Minister of Finance effectively became the country's 49th and current president.
Lapsus$ hackers leak 37GB of Microsoft's alleged source code
The Lapsus$ hacking group claims to have leaked the source code for Bing, Cortana, and other projects stolen from Microsoft's internal Azure DevOps server.
Aquarium Leaks. Inside the GRU’s Psychological Warfare Program
In this exclusive and groundbreaking report, Free Russia Foundation has translated and published five documents from the GRU, Russia’s military intelligence agency. The documents, obtained and analyzed by Free Russia Foundation’s Director of Special Investigations Michael Weiss, details the...
I scanned every package on PyPi and found 57 live AWS keys
After inadvertently finding that InfoSys leaked an AWS key on PyPi I wanted to know how many other live AWS keys may be present on Python package index. After scanning every release published to PyPi I found 57 valid access keys from organisations like: Amazon themselves 😅 Intel Stanford, Portland and Louisiana University The Australian Government General Atomics fusion department Terradata Delta Lake And Top Glove, the worlds largest glove manufacturer 🧤
FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked
InfraGard, a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up…
WhatsApp data leak: 500 million user records for sale
Someone is allegedly selling up-to-date mobile phone numbers of nearly 500 million WhatsApp users. A data sample investigated by Cybernews likely confirms this to be true.
A Leak Details Apple's Secret Dirt on Corellium, a Trusted Security Startup
A 500-page document reviewed by WIRED shows Corellium engaged with several controversial companies, including spyware maker NSO Group.
Microsoft Office 365 Message Encryption Insecure Mode of Operation | WithSecure™ Labs
Microsoft Office 365 Message Encryption (OME) utilitises Electronic Codebook (ECB) mode of operation. This mode is insecure and leaks information about the structure of the messages sent and can lead to partial or full message disclosure.
Major Mexican Government Hack Reveals Military Abuse and Spying
Hackers infiltrated the Mexican Defense Ministry, publishing millions of emails that detail the military’s growing influence over the civilian government.
Man arrested for alleged data breach SMS scam
A Sydney man, 19, has been charged for allegedly attempting to misuse stolen Optus customer data in a text message blackmail scam.
LockBit ransomware builder leaked online by “angry developer”
The LockBit ransomware operation has suffered a breach, with an allegedly disgruntled developer leaking the builder for the gang's newest encryptor.
Turning Your Computer Into a GPS Tracker With Apple Maps
One of the things Apple cares about in terms of its bug bounty program is your location data. Apple rightly categorizes real-time or historical precise location data as "sensitive data" which in some cases qualifies for a significant monetary award.
Chrome & Edge Enhanced Spellcheck Features Expose PII, Even Your Passwords
Some of the largest websites in the world have exposure to sending Google and Microsoft sensitive user PII, including username, email, and passwords
%2Fcdn.vox-cdn.com%2Fuploads%2Fchorus_asset%2Ffile%2F23904070%2F24ba6644deb404944cdbe64705285bbad80154a4.jpg?width=92&height=&ar=&mode=&format=avif&dpr=2)
GTA 6 gameplay leaks online in 90 videos
A massive GTA VI leak appears to line up with previous reports.
Security update
Updates on security incident
Zimbra Open Bucket Data Leak – Responsible Disclosure
Hundreds of millions use Zimbra, an all-in-one business productivity suite for micro, small, medium & enterprise in-office and remote work teams. The Zimbra Inc company was acquired by Synacor Inc
A Cyberattack Illuminates the Shaky State of Student Privacy
At a moment when education technology firms are stockpiling sensitive information on millions of school children, safeguards for student data have broken down.
Vice Society: a discreet but steady double extortion ransomware group
Vice Society is a little-known double extortion group that exfiltrates its victims' data and threatens its victims to leak their information.
'I can fight with a keyboard': How one Ukrainian IT specialist exposed a notorious Russian ransomware gang
As Russian artillery began raining down on his homeland last month, one Ukrainian computer researcher decided to fight back the best way he knew how -- by sabotaging one of the most formidable ransomware gangs in Russia.
China Police Database Was Left Open Online for Over a Year, Enabling Leak
Cybersecurity experts say the error enabled the theft of records of nearly 1 billion people, including senior officials, leading to a $200,000 ransom note.
Anonymous Hacktivists Leak 1TB of Top Russian Law Firm Data
Anonymous has struck Russia again by leaking 1TB of data from a leading Russian law firm identified as Rustam Kurmaev and Partners (RKP Law).