Security News

The Week in Ransomware - March 4th 2022 - The Conti Leaks
2022-03-04 23:46

This week's biggest story is the massive data leak from the Conti ransomware operation, including over 160,000 internal messages between members and source code for the ransomware and TrickBot operation. A Ukrainian security researcher has leaked over 60,000 internal messages belonging to the Conti ransomware operation after the gang sided with Russia over the invasion of Ukraine.

Hackers leak 190GB of alleged Samsung data, source code
2022-03-04 22:15

The Lapsus$ data extortion group leaked today a huge collection of confidential data they claim to be from Samsung Electronics, the South Korean giant consumer electronics company. In a note posted earlier today, the extortion gang teased about releasing Samsung data with a snapshot of C/C++ directives in Samsung software.

Quarter of a million lawyer disciplinary records leak
2022-02-28 21:53

Approximately 260,000 nonpublic disciplinary records stored on behalf of The State Bar of California were found to be exposed to the public and to have been republished on Judyrecords.com, a website that aggregates over 630 million public court records. Full case records were not disclosed, the State Bar said, and it's not yet clear how many attorney and witness names were revealed.

Hackers to NVIDIA: Remove mining cap or we leak hardware data
2022-02-28 19:13

The Lapsus$ data extortion group has released what they claim to be data stolen from the Nvidia GPU designer. The first round of messages from Lapsus$ included a leak of what the actor said were hashed passwords of all Nvidia employees and a claim that the company hacked back to encrypt their virtual machine with the data.

Conti ransomware gang leak: 60,000 messages online
2022-02-28 18:14

Activists have reportedly leaked the contents of internal chats from the Russia-affiliated Conti ransomware gang as the Ukraine war continues. Conti ransomware group previously put out a message siding with the Russian government.

Data stolen from Nvidia, blueprints leak threatened
2022-02-26 00:39

The crooks said unless Nvidia releases a software update that removes its recent crypto-coin mining limiter, they will leak what sounds like internal hardware documents - a hw folder, specifically. NCC Group released figures indicating a huge jump in the use of ransomware, with America the top target at 53 per cent of monitored infections, and Europe at 30 per cent.

Data leaks and shadow assets greatly exposing organizations to cyberattacks
2022-02-25 06:30

CybelAngel published a research revealing that data leaks and shadow assets are the greatest source of exposure to cyberattacks faced by large organizations across the globe. Based on data from a sample group of customers, the research report reveals that data leak incidents increased, overall, by 63% and vulnerable shadow assets exposure grew by 40% in 2021.

BlackCat (ALPHV) claims Swissport ransomware attack, leaks data
2022-02-15 10:56

The BlackCat ransomware group, aka ALPHV, has claimed responsibility for the recent cyber attack on Swissport that caused flight delays and service disruptions. BlackCat has now been seen by BleepingComputer to leak a minuscule set of terabytes of data supposedly obtained from the recent ransomware attack.

Argo CD vulnerability leaks sensitive info from Kubernetes apps
2022-02-04 15:43

A vulnerability in Argo CD, used by thousands of orgs for deploying applications to Kubernetes, can be leveraged in attacks to disclose sensitive information such as passwords and API keys. Threat actors can exploit the vulnerability by loading a malicious Kubernetes Helm Chart YAML file onto the target system, allowing the extraction of sensitive information from other applications.

Apple fixes Safari data leak (and patches a zero-day!) – update now
2022-01-27 21:09

Just under two weeks ago, we wrote about an Apple Safari bug that could allow rogue website operators to track you even if they gave every impression of not doing so, and even if you had strict privacy protection turned on. That vulnerability, now known as CVE-2022-22594, showed up in Safari because of a bug in WebKit, the "Browser rendering engine", as these things are generally known, on which the Safari app is based.