Author: nlqip
Los Angeles Unified School District (LAUSD) officials are investigating a threat actor’s claims that they’re selling stolen databases containing records belonging to millions of students and thousands of teachers. LAUSD is the second largest public school district in the United States, with over 25,900 teachers, roughly 48,700 other employees, and more than 563,000 students enrolled…
Read More
Image: Midjourney Chinese threat actors are targeting ThinkPHP applications vulnerable to CVE-2018-20062 and CVE-2019-9082 to install a persistent web shell named Dama. The web shell enables further exploitation of the breached endpoints, such as enlisting them as part of the attackers’ infrastructure to evade detection in subsequent operations. The first signs of this activity date back…
Read More
The Computer Emergency Response Team of Ukraine (CERT-UA) reports about a new campaign dubbed “SickSync,” launched by the UAC-0020 (Vermin) hacking group in attacks on the Ukrainian defense forces. The threat group is linked to the Luhansk People’s Republic (LPR) region, which Russia has occupied almost in its entirety since October 2022. The hacker’s activities commonly…
Read More
When CISA called on the world’s leading software manufacturers to sign its Secure by Design Pledge, Tenable answered promptly and enthusiastically, becoming part of the first wave of supporters of this landmark initiative. In this blog post, Tenable CSO, Head of Research and President of Public Sector Robert Huber explains the significance of this pledge…
Read More
Based on technology from its recent Talend and Kyndi acquisitions, Qlik this week launched a new platform with comprehensive data integration and management services and a new GenAI assistant for tapping into unstructured data. Data analytics and integration tech developer Qlik has launched the Qlik Talend Cloud, a new data management platform based on technology…
Read More
A new ransomware operation named ‘Fog’ launched in early May 2024, using compromised VPN credentials to breach the networks of educational organizations in the U.S. Fog was discovered by Arctic Wolf Labs, which reported that the ransomware operation has not set up an extortion portal yet and was not observed stealing data. However, BleepingComputer can…
Read More
Attackers are targeting GitHub repositories, wiping their contents, and asking the victims to reach out on Telegram for more information. These attacks are part of what looks like an ongoing campaign first spotted on Wednesday by Germán Fernández, a security researcher at Chilean cybersecurity company CronUp. The threat actor behind this campaign—who has the Gitloker…
Read More
The most likely way the FBI will associate specific keys with specific victims — assuming that particular victim contacts the authorities — is that “the FBI will generate a script that will run all 7,000-plus keys” against the victim’s still-locked files, Levine said. There’s also a possibility that LockBit was reusing keys, he said. A reason…
Read More
A report indicated that Advance Auto Parts is allegedly the latest victim in a wave of data theft attacks targeting Snowflake customers. Advance Auto Parts is reportedly the latest victim in a wave of data theft attacks targeting Snowflake customers, which are believed to be utilizing stolen passwords. Separately, a report from TechCrunch highlighted the…
Read MoreEspionage with a Drone The US is using a World War II law that bans aircraft photography of military installations to charge someone with doing the same thing with a drone. Tags: drones, espionage, national security policy, photos Posted on June 6, 2024 at 11:51 AM • 0 Comments Sidebar photo of Bruce Schneier by…
Read More