Security News

American football team the San Francisco 49ers have been hit by ransomware, with the criminals responsible claiming to have stolen corporate data and threatened to publish it. Calling itself Blackbyte, the ransomware gang responsible published samples of stolen documents on a dark web blog over the weekend, as seen by The Register.

The BotenaGo botnet source code has been leaked to GitHub. Uploading of the source code to GitHub "Can potentially lead to a significant rise of new malware variants as malware authors will be able to use the source code and adapt it to their objectives," Alien Labs security researcher Ofer Caspi wrote.

A new ransomware operation named Rook has appeared recently on the cyber-crime space, declaring a desperate need to make "a lot of money" by breaching corporate networks and encrypting devices. The Rook ransomware payload is usually delivered via Cobalt Strike, with phishing emails and shady torrent downloads being reported as the initial infection vector.

British classifieds site Gumtree.com suffered a data leak after a security researcher revealed that he could access sensitive personally identifiable data of advertisers simply by pressing F12 on the keyboard. When pressing the F12 key in a web browser, the application will open the developer tools console, which allows you to view a website's source code, monitor network requests, and view error messages produced by the website.

Video footage has emerged of a British F-35B fighter jet falling off the front of aircraft carrier HMS Queen Elizabeth after a botched takeoff. The leaked clip, seemingly from a CCTV camera on the carrier's bridge, shows the Lockheed Martin-made stealth aircraft slowly trundling down the deck before tipping over the ski-jump ramp on her bows.

As of Thursday morning Eastern time, Adolf Hitler and Mickey Mouse could still validate their digital Covid passes, SpongeBob Squarepants was out of luck, and the European Union was investigating a leak of the private key used to sign the EU's Green Pass vaccine passports. On Wednesday, the Italian news agency ANSA reported that several underground vendors were selling passes signed with the stolen key on the Dark Web, and that the EU had called "Several high-level meetings" to investigate whether the theft was an isolated incident.

A court filing and announcement allege that a chap named Jonathan Toebbe, an employee of the Department of the Navy who served as a nuclear engineer, contacted entities that he believed represented a foreign power and offered to sell "Restricted Data concerning the design of a nuclear-powered warship". An FBI legal attaché obtained a letter sent by Toebbe in April 2020 that included some US Navy documents and instructions on how to establish a secure channel between a foreign nation and Toebbe.

An attacker claims to have ransacked Twitch for everything it's got, including all of its source code and user-payout information. Twitch's announcement came days after Black and LGBTQ Twitch streamers, fed up with torrents of racist and transphobic hate, boycotted the service for 24 hours in the #ADayOffTwitch protest.

Links to torrents that contain 128GB of data supposedly pulled from the Amazon-owned Twitch streaming service have been posted to 4chan. Without a trace of irony, the anonymous poster described Twitch as "a disgusting toxic cesspool" and linked to the data, which they alleged contains the source code for the Twitch site, other bits of released and unreleased software, and data on payouts made to Twitch creators.

Twitch source code and streamers' and users' sensitive information were allegedly leaked online by an anonymous user on the 4chan imageboard. The leaker shared a torrent link leading to a 120GB archive containing data allegedly stolen from roughly 6,000 internal Twitch Git repositories.