-- Leo's gemini proxy
-- Connecting to gemini.tuxmachines.org:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini;lang=en-GB
Tux Machines
Posted by Roy Schestowitz on May 13, 2023
> A new phishing-as-a-service (PaaS) tool has been observed targeting businesses, mainly in the manufacturing, healthcare, technology, and real estate sectors.
> Nickolas Sharp, the former Ubiquiti employee who posed as a hacker and attempted to extort the firm for $2 million, was sentenced to prison.
> A former software engineer at Ubiquit Networks has been sent to prison for six years after stealing gigabytes of data from the firm, attempting to extort millions of dollars, and harming the company's reputation in the media.
> Back in January 2021, networking manufacturer Ubiquiti told users to change their passwords and enable two-factor authentication (2FA), after it realised gigabytes of confidential data had been accessed by an unknown party on its AWS servers and GitHub repositories the previous month.
> OpenSSF has added four new members and is receiving $5 million in funding for its Alpha-Omega open source software security project.
> US government investigating whether the Chinese operations of industrial giant Rockwell Automation pose a cybersecurity risk to critical infrastructure.
> Claroty has disclosed the details of 5 vulnerabilities that can be chained in an exploit allowing unauthenticated attackers to hack Netgear routers.
> A new, stealthier variant of the Linux malware 'BPFDoor' has been discovered, featuring more robust encryption and reverse shell communications.
> A new report from SentinelLabs shows that more threat actors are adopting the source code, which was stolen and leaked on a Russian hacking forum in September 2021. In the second half of 2022 and first half of 2023, researchers identified nine ransomware groups using VMware ESXi lockers based on the leaked code.
> Security updates have been issued by Debian (postgresql-13 and webkit2gtk), Fedora (git), SUSE (helm and skopeo), and Ubuntu (cinder, nova, python-glance-store, and python-os-brick).
> Confidential employee information has been exposed in a data breach at Ambulance Victoria (AV).
> The data in question is the drug and alcohol tests of prospective graduate paramedics collected between May 2017 and October 2018.
> Richmond University Medical Center (RUMC) in West Brighton experienced a recent ransomware attack that has triggered an ongoing network outage at the hospital, an official said.
> Toyota Motor Corp said on Friday the vehicle data of about 2.15 million users was left publicly available in Japan for about a decade from November 2013 to mid-April.
> The incident comes as the world’s biggest automaker by sales makes a push into vehicle connectivity that is seen as crucial to offering services such as autonomous driving and other artificial intelligence-backed features.
> n April 30, Bluefield University in Virginia discovered that they had been the victim of a cyberattack. They announced the attack to the community and that they had engaged cybersecurity experts to assist in their remediation efforts. At the time, they did not call it a ransomware attack and understandably, did not yet know the scope and extent of the attack.
> Their attempts to reassure the community that they had no evidence of misuse of any information failed to reassure everyone, though — especially after the individual(s) responsible for the attack took control of the university’s RAMAlert system to blast out a message to students. On May 2, DataBreaches was contacted by a concerned employee who provided this site with a screencap of the May 1 alert message.
> The “cyber event” that ended with several systems being taken offline across North Healthcare properties earlier this week came as no surprise to Dr. Roman Yampolskiy, director of the cybersecurity lab at the University of Louisville. […]
> Norton continues to evaluate its computer systems after the hacked. The hospital said Tuesday it got a suspicious message and took several systems offline as a precaution. MyChart services were partially restored Wednesday, and Norton has offered no explanation or details outside of the following written statement….
> The personal information of 237,000 current and former federal government employees has been exposed in a data breach at the U.S. Transportation Department (USDOT), sources briefed on the matter said on Friday.
> The breach hit systems for processing TRANServe transit benefits that reimburse government employees for some commuting costs. It was not clear if any of the personal information had been used for criminal purposes.
> The Illinois Department of Healthcare and Family Services (HFS) and Department of Human Services (IDHS) have disclosed a data breach within the State of Illinois Application for Benefits Eligibility (ABE) system’s Manage My Case (MMC) portal.
> The ABE system is responsible for determining eligibility for State-funded medical benefits programs (Medicaid), the Supplemental Nutrition Assistance Program (SNAP), and Temporary Assistance for Needy Families (TANF).
-- Response ended
-- Page fetched on Thu Jun 13 17:54:06 2024