WikiLeaks-style group Distributed Denial of Secrets has revealed what it calls “GabLeaks”: a collection of more than 70 gigabytes of data from social media platform Gab, representing more than 40 million posts. Less well-known than Parler, which recently made the headlines as it was taken offline, Gab is a so-called “free speech” platform, known for its far-right userbase. DDoSecrets says a hacktivist who self-identifies as “JaXpArO and My Little Anonymous Revival Project” siphoned that data out of Gab’s backend databases in an effort to expose the platform’s users. Those Gab patrons, whose numbers have swelled after Parler went offline, include…
ISBuzz Team
LogMeIn, Inc., a global leader in remote work technology and a key influencer in today’s work-from-anywhere economy, recently released findings of a new report conducted in partnership with IDG to understand the relationship between IT and productive, safe remote work. Last year, over 70% of IT and security professionals in the UK had to scramble to adjust to the short term needs of remote work and purchase off the shelf solutions. However, now that it is becoming a more permanent working arrangement, many are re-evaluating the solutions they need. The survey revealed a growing concern amongst organisations that, despite being…
It has been reported that one of the world’s top biology labs—one whose renowned professors have been researching how to counter the Covid-19 pandemic—has been hacked. Oxford University confirmed on Thursday it had detected and isolated an incident at the Division of Structural Biology (known as “Strubi”) after Forbes disclosed that hackers were showing off access to a number of systems. These included machines used to prepare biochemical samples, though the university said it couldn’t comment further on the scale of the breach. It has contacted the National Cyber Security Center (NCSC), a branch of the British intelligence agency GCHQ, which will now…
Energy firm Npower has closed down its app following an attack that exposed some customers’ financial and personal information. Contact details, birth dates, addresses, and partial bank account numbers are among the details believed stolen. The firm did not say how many accounts were affected by the breach, which was first reported by MoneySavingExpert.com. But the affected accounts had been locked, Npower had said. “We identified suspicious cyber-activity affecting the Npower mobile app, where someone has accessed customer accounts using login data stolen from another website. This is known as ‘credential stuffing’,” the firm said in a statement.
The VC firm Sequoia Capital disclosed an email data breach in a DOJ notice of breach sent to affected individuals. Excerpt: “On or about January 20, 2021, we learned that an unauthorized third party had gained remote access to the business email mailbox of one Sequoia employee, with the apparent aim of conducting a wired version scam,” Sequoia Capital explained in a notice of data breach sent to affected individuals.” A Gurucul expert offers commentary.
The US Federal Reserve suffered a massive IT systems outage today that prevented wire transfers, ACH transactions, and other services from operating. When performing a US wire transfer or ACH withdrawal/deposit, the transaction first goes through the Federal Reserve Bank systems who facilitate the transaction. Yesterday, the Federal Reserve banking systems suffered an outage caused by an “operational error” on their end. In other words, someone made a mistake that caused the systems to go down.
According to a new report by Bridewell Consulting, 86% of CNI organizations in the UK have experienced cyber-attacks on their operational technology and industrial control systems in the last 12 months. When looked at alongside other issues such as smaller budgets and legacy infrastructure, this news becomes more alarming for CNI cybersecurity.
The data belonging to the Canadian airplane manufacturer Bombardier published on a dark web portal operated by the Clop ransomware gang. The company responded by saying, “An initial investigation revealed that an unauthorized party accessed and extracted data by exploiting a vulnerability affecting a third-party file-transfer application, which was running on purpose-built servers isolated from the main Bombardier IT network”. The specific detail of the attack is not revealed by the company but it is believed that data belongs to Accellion FTA, a web server that can be used by companies to host and share large files that can’t be…
New research from Digital Shadows: The Rise of Initial Access Brokers highlights the growing class of Initial Access Brokers and analyzes the role played by this emerging figure in the broader criminal infrastructure of ransomware. A cybersecurity expert offers perspective.
On Tuesday, VMWare published an advisory for multiple vulnerabilities, including two flaws, in VMware vCenter Server.