Security News
The Egregor ransomware gang has hit game developer Crytek in a confirmed ransomware attack and leaked what they claim are files stolen from Ubisoft's network. This week, the Egregor ransomware game posted archives containing unencrypted files, stating that they were stolen from Ubisoft and Crytek in unrelated attacks.
Australia's Department of Foreign Affairs and Trade has just exposed personal details of over 1,000 citizens in an email. Australia has all-but-closed its borders during the COVID-19 pandemic, rationing the number of citizens who can fly into the country each day.
Personal information for students in the Clark County School District, which includes Las Vegas, has reportedly turned up on an underground forum, following a ransomware attack that researchers say was carried out by the Maze gang. In early September, the Associated Press reported that the district was crippled during its first week of school thanks to a ransomware attack, potentially exposing personal information of employees, including names and Social Security numbers.
Microsoft's long-lived operating system Windows XP-that still powers over 1% of all laptops and desktop computers worldwide-has had its source code leaked online, allegedly, along with Windows Server 2003. The source code for Microsoft's 19-year-old operating system was published as a torrent file on notorious bulletin board website 4chan, and it's for the very first time when source code for Microsoft's operating system has been leaked to the public.
If the reports are to be believed, someone has just leaked a mega-torrent of Microsoft source code going all the way back to MS-DOS 6. Intriguingly, Microsoft has officially released old-school source code before, such as when the source of MS-DOS 1.25 and Word 1.1a were made public a few years back.
Someone has leaked what appear to be source code files for the Windows XP and Windows Server 2003 operating systems. The source code files for Windows XP and Windows Server 2003 appear to have been made public for the first time.
US prosecutors claim six people bribed corrupt Amazon insiders to rig the the web giant's Marketplace in their favor and leak terabytes of data including some search algorithms. In an indictment [PDF] filed late last week, the Dept of Justice asserted that the six defendants paid over US$100,000 to "Complicit Amazon employees and contractors." The DoJ claims at least ten Amazonians took the crooked coin and "Baselessly and fraudulently conferred tens of millions of dollars of competitive benefits on hundreds of 3P seller accounts that the defendants purported to represent".
US prosecutors claim six people bribed corrupt Amazon insiders to rig the the web giant's Marketplace in their favor and leak terabytes of data including some search algorithms. In an indictment [PDF] filed late last week, the Dept of Justice asserted that the six defendants paid over US$100,000 to "Complicit Amazon employees and contractors." The DoJ claims at least ten Amazonians took the crooked coin and "Baselessly and fraudulently conferred tens of millions of dollars of competitive benefits on hundreds of 3P seller accounts that the defendants purported to represent".
In a new report into the global cybersecurity industry's exposure on the Dark Web this year, global application security company, ImmuniWeb, uncovered that 97% of leading cybersecurity companies have data leaks or other security incidents exposed on the Dark Web, while on average, there are over 4,000 stolen credentials and other sensitive data exposed per cybersecurity company. Key findings that the research found relating to the leading global cybersecurity companies' exposure on the Dark Web included:97% of companies have data leaks and other security incidents exposed on the Dark Web.
Ursem, self-appointed "Lamest hacker you know" found the leaked info in a simple search to see if someone "Is actually stupid enough to upload medical customer data to GitHub," he told DataBreach.net. The report describes one errant developer referred to as the "Typhoid Mary of Data Leaks" because of the multiple errors and repetition of these errors in his use of GitHub in relation to not just storage and management of medical data, but other files as well.