Play ransomware gang leaks City of Oakland data

The Play ransomware gang has begun partially publishing data they stole from the City of Oakland, California. The data were in multiple archive files with a collective file size of 10GB. According to the ransomware gang, the files contain "private and personal information data, financial...

Warning issued over Royal ransomware

As part of its StopRansomware effort, the Cybersecurity and Infrastructure Security Agency CISA has published a Cybersecurity Advisory CSA about Royal ransomware. Royal ransomware is a Ransomware-as-a-service Raas that first made an appearance in January 2022. In September of that year, it began...

WordPress plugin BackupWordPress 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin...

US Marshals Service hit by ransomware and data breach

The US Marshals Service USMS says it's suffered a ransomware attack in which a threat actor managed to get hold of sensitive information about staff and fugitives. On February 17, 2023, the attacker infiltrated a system that held information about ongoing investigations, including personally...

Ransomware pushes City of Oakland into state of emergency

The ransomware attack that hit Oakland on Wednesday February 8, 2023 is still crippling many of the citys services a week later. In fact, the situation is so bad that the Interim City Administrator has now declared a state of emergency. Tweet announcing the state of emergency The ransomware attac...

Financially Motivated Threat Actor Strikes with New Ransomware and Clipper Malware

A new financially motivated campaign that commenced in December 2022 has seen the unidentified threat actor behind it deploying a novel ransomware strain dubbed MortalKombat and a clipper malware known as Laplas. Cisco Talos said it "observed the actor scanning the internet for victim machines wi...

SUSE CVE-2008-5687

MediaWiki 1.11, and other versions before 1.13.3, does not properly protect against the download of backups of deleted images, which might allow remote attackers to obtain sensitive information via requests for files in images/deleted/...

SUSE CVE-2013-1901

PostgreSQL 9.2.x before 9.2.4 and 9.1.x before 9.1.9 does not properly check REPLICATION privileges, which allows remote authenticated users to bypass intended backup restrictions by calling the 1 pgstartbackup or 2 pgstopbackup functions...

SUSE CVE-2016-6225

xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does not properly set the initialization vector IV for encryption, which makes it easier for context-dependent attackers to obtain sensitive information from encrypted backup files via a Chosen-Plaintext attack. NOTE: this...

A CISOs Practical Guide to Storage and Backup Ransomware Resiliency

One thing is clear. The "business value" of data continues to grow, making it an organization's primary piece of intellectual property. From a cyber risk perspective, attacks on data are the most prominent threat to organizations. Regulators, cyber insurance firms, and auditors are paying much...

One in nine online stores are leaking your data, says study

eCommerce security company Sansec has revealed it's found a number of online stores accidentally leaking highly sensitive data. After studying 2,037 online stores, the company found that 12.3 percent exposed compressed files in ZIP, SQL, and TAR archive formats, which BleepingComputer noted appea...

LastPass Parent Company GoTo Suffers Data Breach, Customers' Backups Compromised

LastPass-owner GoTo formerly LogMeIn on Tuesday disclosed that unidentified threat actors were able to steal encrypted backups of some customers' data along with an encryption key for some of those backups in a November 2022 incident. The breach, which targeted a third-party cloud storage service...

CVE-2022-46959

An issue in the component /admin/backups/work-dir of Sonic v1.0.4 allows attackers to execute a directory traversal...

CVE-2022-46959

An issue in the component /admin/backups/work-dir of Sonic v1.0.4 allows attackers to execute a directory traversal...

CVE-2022-46959

An issue in the component /admin/backups/work-dir of Sonic v1.0.4 allows attackers to execute a directory traversal...

Sonic 路径遍历漏洞

Sonic is a high-performance blogging system from go developed using golang. A security vulnerability exists in Sonic v1.0.4, which stems from the component /admin/backups/work-dir that allows an attacker to perform directory traversal...

PT-2023-15119 · Sonic · Sonic

Name of the Vulnerable Software and Affected Versions: Sonic version 1.0.4 Description: The issue allows attackers to execute a directory traversal in the component /admin/backups/work-dir. This enables attackers to access files or directories outside the intended directory structure...

New device? Here's how to safely dispose of your old one

Until recently I had two old phones, one tablet and about 20 hard drives in storage that I was afraid to give up for recycling, or to pass on to someone that could use them. I wanted to dispose of them, but knowing how easy it is to retrieve data--such as personally identifiable information--even...

The Guardian hit by "ransomware attack"

On Tuesday December 20, 2022 British newspaper The Guardian experienced a major IT security incident that crippled a part of its IT infrastructure. The suspected cause is ransomware. In an online article the newspaper published an internal statement from the chief executive and the editor-in-chie...

Apple Is Finally Encrypting iCloud Backups

After way too many years, Apple is finally encrypting iCloud backups: Based on a screenshot from Apple, these categories are covered when you flip on Advanced Data Protection: device backups, messages backups, iCloud Drive, Notes, Photos, Reminders, Safari bookmarks, Siri Shortcuts, Voice Memos,...