Hi folks,

I hope you had a productive week! Sit back, relax and learn about how cybersecurity is still a hot flaming mess, but rest easy knowing that you are trying to help change that. You can be proud of yourself, and I am proud of you. That is all.

Also, and above all: enjoy your weekend ;-)


Dieter Van der Stock

Quick links

  • LockBit lied: Stolen data is from a bank, not US Federal Reserve: link.
  • CISA: Most critical open source projects not using memory safe code: link.
  • US sanctions 12 Kaspersky Lab execs for working in Russian tech sector: link.
  • Cyber insurance terms drive companies to invest more in security: link.

Breaches and leaks

  • South Africa’s national health lab hit with ransomware attack amid mpox outbreak: link.
  • CISA warns chemical facilities of potential data theft: link.
  • Change Healthcare lists the medical data stolen in ransomware attack: link.
  • Los Angeles Unified confirms student data stolen in Snowflake account hack: link.
  • Neiman Marcus confirms data breach after Snowflake account hack: link.
  • CoinStats says North Korean hackers breached 1,590 crypto wallets: link.
  • Former IT employee accessed data of over 1 million US patients: link.

Issues and fixes

  • Critical GitLab bug lets attackers run pipelines as any user: link.
  • Facebook PrestaShop module exploited to steal credit cards: link.
  • Backdoor slipped into multiple WordPress plugins in ongoing supply-chain attack: link.
  • Exploit for critical Fortra FileCatalyst Workflow SQLi flaw released: link.