serisec

Category: Data Breaches

  • CISA Security Leak

    CISA Security Leak Crazy story: Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests…

  • Lawmakers Demand Answers as CISA Tries to Contain Data Leak

    Lawmakers Demand Answers as CISA Tries to Contain Data Leak Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intentionally published AWS GovCloud keys and a vast trove of other agency secrets on a public GitHub account.…

  • CISA Admin Leaked AWS GovCloud Keys on Github

    CISA Admin Leaked AWS GovCloud Keys on Github Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how…

  • Canvas Breach Disrupts Schools & Colleges Nationwide

    Canvas Breach Disrupts Schools & Colleges Nationwide An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States today, after a cybercrime group defaced the service’s login page with a ransom demand that threatened to leak data from 275 million students…

  • Anti-DDoS Firm Heaped Attacks on Brazilian ISPs

    Anti-DDoS Firm Heaped Attacks on Brazilian ISPs A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks against other network operators in Brazil, KrebsOnSecurity has learned. The firm’s chief executive says the malicious activity resulted from a…

  • ‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty

    ‘Scattered Spider’ Member ‘Tylerb’ Pleads Guilty A 24-year-old British national and senior member of the cybercrime group “Scattered Spider” has pleaded guilty to wire fraud conspiracy and aggravated identity theft. Tyler Robert Buchanan admitted his role in a series of text-message phishing attacks in the summer of 2022 that allowed the group to hack into…

  • Please Don’t Feed the Scattered Lapsus ShinyHunters

    Please Don’t Feed the Scattered Lapsus ShinyHunters A prolific data ransom gang that calls itself Scattered Lapsus ShinyHunters (SLSH) has a distinctive playbook when it seeks to extort payment from victim firms: Harassing, threatening and even swatting executives and their families, all while notifying journalists and regulators about the extent of the intrusion. Some victims…

  • Abusing Notion’s AI Agent for Data Theft

    Abusing Notion’s AI Agent for Data Theft Notion just released version 3.0, complete with AI agents. Because the system contains Simon Willson’s lethal trifecta, it’s vulnerable to data theft though prompt injection. First, the trifecta: The lethal trifecta of capabilities is: Access to your private data—one of the most common purposes of tools in the…

  • Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms

    Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms U.S. prosecutors last week levied criminal hacking charges against 19-year-old U.K. national Thalha Jubair for allegedly being a core member of Scattered Spider, a prolific cybercrime group blamed for extorting at least $115 million in ransom payments from victims. The charges came as Jubair and an…

  • 18 Popular Code Packages Hacked, Rigged to Steal Crypto

    18 Popular Code Packages Hacked, Rigged to Steal Crypto At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved in maintaining the projects was phished. The attack appears to have been quickly contained and was narrowly…

  • The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft

    The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many companies racing to invalidate the stolen credentials before hackers can exploit them. Now Google…

  • How Solid Protocol Restores Digital Agency

    How Solid Protocol Restores Digital Agency The current state of digital identity is a mess. Your personal information is scattered across hundreds of locations: social media companies, IoT companies, government agencies, websites you have accounts on, and data brokers you’ve never heard of. These entities collect, store, and trade your data, often without your knowledge…

  • Poor Passwords Tattle on AI Hiring Bot Maker Paradox.ai

    Poor Passwords Tattle on AI Hiring Bot Maker Paradox.ai Security researchers recently revealed that the personal information of millions of people who applied for jobs at McDonald’s was exposed after they guessed the password (“123456”) for the fast food chain’s account at Paradox.ai, a company that makes artificial intelligence based hiring chatbots used by many…

  • DOGE Denizen Marko Elez Leaked API Key for xAI

    DOGE Denizen Marko Elez Leaked API Key for xAI Marko Elez, a 25-year-old employee at Elon Musk’s Department of Government Efficiency (DOGE), has been granted access to sensitive databases at the U.S. Social Security Administration, the Treasury and Justice departments, and the Department of Homeland Security. So it should fill all Americans with a deep…

  • Breachforums Boss to Pay $700k in Healthcare Breach

    Breachforums Boss to Pay $700k in Healthcare Breach In what experts are calling a novel legal outcome, the 22-year-old former administrator of the cybercrime community Breachforums will forfeit nearly $700,000 to settle a civil lawsuit from a health insurance company whose customer data was posted for sale on the forum in 2023. Conor Brian Fitzpatrick,…

  • Feds Link $150M Cyberheist to 2022 LastPass Hacks

    Feds Link $150M Cyberheist to 2022 LastPass Hacks In September 2023, KrebsOnSecurity published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service LastPass in 2022. In a court filing this week, U.S. federal agents investigating a…

  • An Interview With the Target & Home Depot Hacker

    An Interview With the Target & Home Depot Hacker In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator, the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. Moscow resident Mikhail Shefel, who confirmed using the Rescator identity in…

  • Fintech Giant Finastra Investigating Data Breach

    Fintech Giant Finastra Investigating Data Breach The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of the security incident after a cybercriminal began selling more than…