Scope of Salesforce Attacks Expands as Icarus Leaks Data
More victims have emerged after attackers breached application vendor Klue and used its OAuth tokens to steal customers' Salesforce data.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
More victims have emerged after attackers breached application vendor Klue and used its OAuth tokens to steal customers' Salesforce data.
Prolific ShinyHunters Extortion Group Made 'Pay or Leak' Threat to VictimHome security giant ADT has suffered a data breach that appears to have exposed personally identifiable information tied to 5.5 million customers. Prolific extortionist group ShinyHunters claimed credit for the attack, saying it stole Salesforce data after socially engineering an ADT employee.
Threat actors with ties to Iran successfully broke into the personal email account of Kash Patel, the director of the U.S. Federal Bureau of Investigation (FBI), and leaked a cache of photos and other documents to the internet
England Hockey, the governing body for field hockey in England, is investigating a potential data breach after the AiLock ransomware gang listed it as a victim on its data leak site. [...]
South Korea's financial sector has been targeted by what has been described as a sophisticated supply chain attack that led to the deployment of Qilin ransomware
Victims fear leak at Everglades Correctional Institution could lead to violent extortion A data breach at a Florida prison has inmates' families concerned for their welfare after their contact details were allegedly leaked to convicted criminals.…
Also: ToolShell Hits South Africa, Most Americans Are Online Fraud VictimsThis week: Did China sneak a peek into ToolShell? ToolShell hacking in South Africa, Cisco flaws, an Arizona woman sentenced for aiding North Korea. Most Americans scammed online, a NASCAR data breach and a claimed data leak at France's Naval Group. Orange telecom disrupted. Dating app Tea breach.
The ransomware-as-a-service (RaaS) cybercrime group intends to leak the stolen information in just two days, it claims; but oddly, it doesn't seek a ransom payment from its victim.
Also: Interpol Says 'Pig Butchering' Shames Victims, A Data Leak Scandal in MexicoThis week, U.S. asks Israel to extradite an alleged LockBit coder, don't say "pig butchering," and an Apache Struts flaw. A hunt for alleged data thieves in Mexico, Europe probes TikTok and Netfilix fined 4.75 million. A ransomware attack against Texas medical centers and a credit union breach.
The U.S. Marshals Service (USMS) denies its systems were breached by the Hunters International ransomware gang after being listed as a new victim on the cybercrime group's leak site on Monday. [...]
Also: The leaked Apple internal tools that weren't; TV pirate pirates convicted; and some critical vulns, too Infosec in brief The descending ball of trouble over at Snowflake keeps growing larger, with more victims – and even one of the alleged intruders – coming forward last week.…
Attackers Demanding Up to $5 Million to Delete Stolen Data, Investigators ReportAttackers who stole terabytes of data from customers of Snowflake have been not only offering the data for sale on data leak marketplaces but also extorting some of the victims, demanding a ransom of $300,000 to $5 million each, security researchers report.
Ransomware Group Says MeridianLink Didn't Tell SEC About Cyberattack Within 4 DaysThe BlackCat ransomware group tattled to U.S. federal regulators about an alleged victim not disclosing a material cyberattack within four business days. The group, also known as Alphv, listed MeridianLink on its data leak site and threatened to leak stolen data.
Ransomware Group Says MeridianLink Didn't Tell SEC About Cyberattack Within 4 DaysThe BlackCat ransomware group tattled to U.S. federal regulators about an alleged victim not disclosing a material cyberattack within four business days. The group, also known as Alphv, listed MeridianLink on its data leak site and threatened to leak stolen data.
Ransomware group nicked info from employee of airline, say researchers Aerospace giant Airbus has fallen victim to a data breach, thanks in part to the inattention of a third party.…
Two ransomware actors, ALPHV/BlackCat and Clop, have listed beauty company Estée Lauder on their data leak sites as a victim of separate attacks. [...]
Two ransomware actors, ALPHV/BlackCat and Clop, have listed beauty company Estée Lauder on their data leak sites as a victim of separate attacks. [...]
It’s not just another data breach when the victim oversees witness protection programs The US Marshals Service, the enforcement branch of the nation’s federal courts, has admitted to a “major” breach of its information security defenses allowed a ransomware infection and exfiltration of “law-enforcement sensitive information”.…
The Australian Federal Police (AFP) has arrested a 19-year-old teen from Sydney for allegedly attempting to leverage the data leaked following the Optus data breach late last month to extort victims
The Australian Federal Police (AFP) announced today the launch of Operation Guardian which will ensure that more than 10,000 customers who had their personal info leaked in the Optus data breach will get priority protection against fraud attempts. [...]