K-12 schools face cybersecurity risks inside and outside of the classroom
As students return to school, it’s crucial for administrators and IT teams to stay vigilant against opportunistic threat actors.
Here’s today’s example of how an entity may claim that they had no reason to believe patient data had been compromised, only to find that it had been. In February, Whitman Hospital & Medical Clinics (“WHMC”) in California discovered they had been the victim of a cyberattack that occurred between December 26 and February 28….
A newly disclosed high-severity security flaw impacting OttoKit (formerly SureTriggers) has come under active exploitation within a few hours of public disclosure. The vulnerability, tracked as CVE-2025-3102 (CVSS score: 8.1), is an authorization bypass bug that could permit an attacker to create administrator accounts under certain conditions and take control of susceptible websites. “The
Paul Pedro reports a follow-up to the massive ransomware attack on Ontario hospitals via an attack on TransForm by the Daixin threat actors: The Information and Privacy Commissioner of Ontario (IPC) has completed a review into a massive cyberattack on five regional hospitals in 2023 and found hospital officials acted “adequately.” But in its decision,…
He called himself ALTDOS when he first contacted DataBreaches in 2020. In 2021 he started contacting this site as DESORDEN. Then in 2024, he contacted this site as GHOSTR, and more recently, as 0mid16B. Under each new moniker, he denied being the individual DataBreaches knew under previous monikers, even though based on his targets, his…
I am guessing that the breachforums[.]hn leak site for ScatteredLAPSUS$Hunters is in the process of being seized. A whois lookup now shows that the name servers have been changed to hans.ns.cloudflare.com and surina.ns.cloudflare.com, which I am guessing are government accounts. The onion site appears intact. This post will be updated as the situation evolves.
Threat actors are targeting Amazon Web Services (AWS) environments to push out phishing campaigns to unsuspecting targets, according to findings from Palo Alto Networks Unit 42. The cybersecurity company is tracking the activity cluster under the name TGR-UNK-0011 (short for a threat group with unknown motivation), which it said overlaps with a group known as…