September 6, 2024 at 01:39AM Telegram CEO Paul Durov broke his silence after his arrest in France, addressing charges of enabling criminal activity on the platform. He criticized the legal approach and emphasized the company’s commitment to user privacy and security. Telegram has updated its FAQ to allow users to report illegal content, but concerns … Read more
August 30, 2024 at 10:46AM The City of Columbus, Ohio has filed a lawsuit against security researcher David Leroy Ross, accusing him of illegally downloading and sharing data stolen from the City’s IT network, leaked by the Rhysida ransomware gang. Based on the meeting notes, it appears that the City of Columbus, Ohio, has filed … Read more
August 27, 2024 at 01:22PM SafeBreach security researcher Alon Leviev has developed the Windows Downdate tool to enable downgrade attacks on current Windows 10, Windows 11, and Windows Server systems, reintroducing old vulnerabilities. Based on the meeting notes, it appears that SafeBreach security researcher Alon Leviev has released a tool called Windows Downdate. This tool … Read more
April 25, 2024 at 08:15AM Pierre Barre warned of multiple vulnerabilities in the Brocade SANnav application, allowing for compromise of the appliance and Fibre Channel switches. The flaws included unauthenticated access, backdoor accounts, exposed credentials, and insecure Docker instances. After initial rejection, the issues were patched in SANnav version 2.3.1, released in December 2023. Key … Read more
February 20, 2024 at 09:03AM Attackers are leveraging a recently patched vulnerability in the Bricks Builder plugin for WordPress to execute arbitrary PHP code on affected websites, warns Patchstack. Tracked as CVE-2024-25600, this remote code execution flaw can be exploited without authentication. Exploitation attempts have already been observed, with attackers deploying malware to disable security … Read more
January 31, 2024 at 02:30PM Europcar denies data breach, stating shared customer data is fake after a threat actor claimed to have info for 50M customers. The alleged data, including personal info, was offered on a hacking forum. Europcar confirms the data is fabricated and not from their database. Experts suggest the data was likely … Read more
January 22, 2024 at 03:31PM A security researcher in Germany was fined €3,000 for reporting a vulnerability in an e-commerce database that put customer information at risk. Modern Solution GmbH downplayed the data exposure, leading to a legal battle. Hendrik H. was initially vindicated by the District Court but was eventually fined and is planning … Read more
January 10, 2024 at 12:07PM Ransomware victims facing extortion attempts from a third party posing as a security researcher. Arctic Wolf Labs highlighted cases involving victims of Royal and Akira gangs being extorted by an individual or group, requesting a fee of 5 Bitcoin. The victims, US-based SMBs in finance and construction, did not pay … Read more
October 24, 2023 at 06:10AM A third-party contractor running a database without password protection exposed over 500,000 records related to vehicle seizures by the Irish National Police. The exposed data includes scanned identity documents and incident summary reports containing names and details of drivers and officers. The database is owned and operated by an unnamed … Read more