Hackers use Conti's leaked ransomware to attack Russian companies
A hacking group used the Conti's leaked ransomware source code to create their own ransomware to use in cyberattacks against Russian organizations. [...]
Data leaks can expose passwords, personal records, and business secrets, enabling identity theft, fraud, extortion, and follow-on cyberattacks.
Search across headline titles and summaries.
Background for this topic.
Leak is the unauthorized disclosure or exposure of information to people or systems not meant to receive it. It may be deliberate or accidental and can involve personal data, credentials, API keys, source code, trade secrets, or internal documents. A leak can result from theft and publication, an employee sending data to the wrong recipient, or an exposed cloud storage bucket, database, log, repository, or backup. The term describes the exposure, not necessarily how attackers obtained it; reporting may refer to both confirmed disclosure and suspected exposure.
Security teams should establish what data was accessible, to whom, and for how long, while distinguishing evidence of access from mere exposure. Exposed passwords, tokens, and keys should be revoked or rotated quickly, and affected systems checked for reuse or further access. Personal or regulated data may trigger privacy and reporting obligations, while leaked proprietary material can require legal and threat-intelligence monitoring. Prevention includes least-privilege access, secret scanning, safe sharing controls, encryption where appropriate, and monitoring for misconfigured public resources.
A hacking group used the Conti's leaked ransomware source code to create their own ransomware to use in cyberattacks against Russian organizations. [...]
American automotive tools manufacturer Snap-on announced a data breach exposing associate and franchisee data after the Conti ransomware gang began leaking the company's data in March. [...]
Researchers discover database exposed through misconfiguration
Leak highlights worker offboarding policies as SaaS use grows A former employee with Block used the digital financial services firm's Cash App products to access and download personal information about US customers in December 2021, the firm has claimed.…
Repo depot go-slow – well before you git a move on Code shack GitHub is aiming to help users avoid inadvertent leaks of confidential objects like access tokens by scanning repository content for such secrets before a git push is executed.…
GitHub announced on Monday that it expanded its code hosting platform's secrets scanning capabilities for GitHub Advanced Security customers to automatically block secret leaks. [...]
GitHub announced on Monday that it expanded its code hosting platform's secrets scanning capabilities for GitHub Advanced Security customers to automatically block secret leaks. [...]