Security News

Qilin cyber scum leak data they claim belongs to London hospitals’ pathology provider
2024-06-21 11:15

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Keytronic confirms data breach after ransomware gang leaks stolen files
2024-06-14 21:20

PCBA manufacturing giant Keytronic is warning it suffered a data breach after the Black Basta ransomware gang leaked 530GB of the company's stolen data two weeks ago. While Keytronic didn't attribute the attack to a specific threat group, the Black Basta ransomware operation claimed the attack two weeks ago, leaking what they claim is 100% of the stolen data.

'New York Times source code' leaks online via 4chan
2024-06-07 23:39

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Check-in terminals used by thousands of hotels leak guest info
2024-06-05 20:43

Ariane Systems self check-in systems installed at thousands of hotels worldwide are vulnerable to a kiosk mode bypass flaw that could allow access to guests' personal information and the keys for other rooms. These terminals allow people to book and check into the hotel themselves, handle the payment process via a POS subsystem, print invoices, and provision RFID transponders used as room keys.

Australian mining company discloses breach after BianLian leaks data
2024-06-04 22:10

Northern Minerals issued an announcement earlier today warning that it suffered a cybersecurity breach resulting in some of its stolen data being published on the dark web. The firm is publicly traded on the Australian Securities Exchange under the ticker 'NTU,' so it is legally obliged to disclose any data breach incidents promptly.

Hudson Rock yanks report fingering Snowflake employee creds snafu for mega-leak
2024-06-04 02:25

Snowflake said if any customer data was taken from its servers, it may have been obtained by thieves who got hold of individual customers' account credentials - via targeted phishing, some other leak, or malware, for example - and not by a general compromise of Snowflake's security. On Friday, in its now-deleted write-up, Hudson Rock wrote that data thieves claimed to have signed into a Snowflake employee's ServiceNow work account and used this access to siphon databases belonging to as many as 400 Snowflake corporate clients.

Crooks threaten to leak 3B personal records 'stolen from background check firm'
2024-06-03 19:36

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Christie’s confirms breach after RansomHub threatens to leak data
2024-05-28 16:10

Yesterday, the RansomHub ransomware group added Christie's on its extortion page on the dark web, claiming it had breached the company and stole sensitive client data. A Christie's spokesperson confirmed to BleepingComputer that the company had suffered a data breach that impacted some clients.

UK data watchdog wants six figures from N Ireland cops after 2023 data leak
2024-05-23 08:30

Following a data leak that brought "Tangible fear of threat to life", the UK's data protection watchdog says it intends to fine the Police Service of Northern Ireland £750,000. The August exposure of cops' data affected 9,483 officers and was described by Commissioner Pete O'Doherty of the City of London Police as "The most significant data breach that has ever occurred in the history of UK policing" in an official review.

Bitbucket artifact files can leak plaintext authentication secrets
2024-05-21 19:05

Threat actors were found breaching AWS accounts using authentication secrets leaked as plaintext in Atlassian Bitbucket artifact objects. As developers may not be aware that these secrets are exposed in artifact files, the source code may be published to public repositories where threat actors can steal them.