2024

Infosys subsidiary named as source of Bank of America data leak

Looks like LockBit took a swipe at an outsourced life insurance application Indian tech services giant Infosys has been named as the source of a data leak suffered by the Bank of America.…

Korean eggheads crack Rhysida ransomware and release free decryptor tool

Great news for victims of gang behind the big British Library hit in October Some smart folks have found a way to automatically unscramble documents encrypted by the Rhysida ransomware, and used that know-how to produce and release a handy recovery tool for victims.…

Dutch insurers demand nudes from breast cancer patients despite ban

No photos? No, second operation Dutch health insurers are reportedly forcing breast cancer patients to submit photos of their breasts prior to reconstructive surgery despite a government ban on precisely that.…

FCC gets tough: Telcos must now tell you when your personal info is stolen

Yep, cell carriers didn't have to do this before The FCC's updated reporting requirements mean telcos in America will have just seven days to officially disclose that a criminal has broken into their systems.…

Jet engine dealer to major airlines discloses ‘unauthorized activity’

Pulls part of system offline as Black Basta docs suggest the worst Willis Lease Finance Corporation has admitted to US regulators that it fell prey to a "cybersecurity incident" after data purportedly stolen from the biz was posted to the Black Basta ransomware group's leak blog.…

Europe’s largest caravan club admits wide array of personal data potentially accessed

Experts also put an end to social media security updates The Caravan and Motorhome Club (CAMC) and the experts it drafted to help clean up the mess caused by a January cyberattack still can't figure out whether members' data was stolen.…

Meet VexTrio, a network of 70K hijacked websites crooks use to sling malware, fraud

Some useful indicators of compromise right here More than 70,000 presumably legit websites have been hijacked and drafted into a network that crooks use to distribute malware, serve phishing pages, and share other dodgy stuff, according to researchers.…

Ivanti discloses fifth vulnerability, doesn’t credit researchers who found it

Software company's claim of there being no active exploits also being questioned In disclosing yet another vulnerability in its Connect Secure, Policy Secure, and ZTA gateways, Ivanti has confused the third-party researchers who discovered it.…

Fortinet’s week to forget: Critical vulns, disclosure screw-ups, and that toothbrush DDoS attack claim

An orchestra of fails for the security vendor We've had to write the word "Fortinet" so often lately that we're considering making a macro just to make our lives a little easier after what the company's reps will surely agree has been a week sent from hell.…

Copyright © 2024 Lugapel