Security News

This week's biggest story is the massive data leak from the Conti ransomware operation, including over 160,000 internal messages between members and source code for the ransomware and TrickBot operation. A Ukrainian security researcher has leaked over 60,000 internal messages belonging to the Conti ransomware operation after the gang sided with Russia over the invasion of Ukraine.

The Lapsus$ data extortion group today leaked a huge collection of confidential data that it claims comes from Samsung Electronics, the South Korean consumer electronics giant. In a note posted earlier today, the extortion gang teased the release of Samsung data with a snapshot of C/C++ directives in Samsung software.

Approximately 260,000 nonpublic disciplinary records stored on behalf of The State Bar of California were found to be exposed to the public and to have been republished on Judyrecords.com, a website that aggregates over 630 million public court records. Full case records were not disclosed, the State Bar said, and it's not yet clear how many attorney and witness names were revealed.

The Lapsus$ data extortion group has released what it claims to be data stolen from GPU designer Nvidia. The first round of messages from Lapsus$ included a leak of what the actor said were hashed passwords of all Nvidia employees and a claim that the company hacked back to encrypt their virtual machine with the data.

Activists have reportedly leaked the contents of internal chats from the Russia-affiliated Conti ransomware gang as the Ukraine war continues. The Conti ransomware group previously put out a message siding with the Russian government.

The crooks said unless Nvidia releases a software update that removes its recent crypto-coin mining limiter, they will leak what sounds like internal hardware documents - a hw folder, specifically. NCC Group released figures indicating a huge jump in the use of ransomware, with America the top target at 53 per cent of monitored infections, and Europe at 30 per cent.

CybelAngel published research revealing that data leaks and shadow assets are the greatest source of exposure to cyberattacks faced by large organizations across the globe. Based on data from a sample group of customers, the research report reveals that data leak incidents increased, overall, by 63% and vulnerable shadow assets exposure grew by 40% in 2021.

The BlackCat ransomware group, aka ALPHV, has claimed responsibility for the recent cyber attack on Swissport that caused flight delays and service disruptions. BleepingComputer has now seen BlackCat leak a minuscule portion of the terabytes of data supposedly obtained in the recent ransomware attack.

A vulnerability in Argo CD, used by thousands of orgs for deploying applications to Kubernetes, can be leveraged in attacks to disclose sensitive information such as passwords and API keys. Threat actors can exploit the vulnerability by loading a malicious Kubernetes Helm Chart YAML file onto the target system, allowing the extraction of sensitive information from other applications.

Just under two weeks ago, we wrote about an Apple Safari bug that could allow rogue website operators to track you even if they gave every impression of not doing so, and even if you had strict privacy protection turned on. That vulnerability, now known as CVE-2022-22594, showed up in Safari because of a bug in WebKit, the "browser rendering engine", as these things are generally known, on which the Safari app is based.