AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 7/17/2024

Email addresses of 15 million Trello users leaked on hacking forum

A threat actor has released over 15 million email addresses associated with Trello accounts that were collected using an unsecured API in January. Trello is an online project management tool owned by Atlassian. Businesses commonly use it to organize data and tasks into boards, cards, and lists. In January, BleepingComputer reported that a threat actor known as ’emo’ was selling profiles for 15,115,516 Trello members on a popular hacking forum.

 

London council accuses watchdog of ‘exaggerating’ danger of 2020 raid on residents’ data

London’s inner city district of Hackney says the UK’s data protection watchdog has misunderstood and “exaggerated” details surrounding a ransomware attack on its systems in 2020. During the attack, thieves stole data of 280,000 Hackney residents, council employees and more, and some of the system’s backups were deleted after the crooks broke into a server using an insecure password on a dormant account. The attack exposed “deeply personal information” as well as throwing multiple systems used by locals offline for extended periods.

 

Yacht giant MarineMax data breach impacts over 123,000 people

MarineMax, self-described as the world’s largest recreational boat and yacht retailer, is notifying over 123,000 individuals whose personal information was stolen in a March security breach claimed by the Rhysida ransomware gang. The company operates over 130 locations, including 83 dealerships and 66 marinas and storage facilities worldwide. Last year, it reported $2.39 billion in revenue and a $835.3 million gross profit. While the Florida-based yacht seller initially stated in a March 12 SEC filing that no sensitive data was stored on the compromised systems, two weeks later, it said in a new 8-K filing that the attackers had stolen personal data belonging to an undisclosed number of people.

 

Cisco SSM On-Prem bug lets hackers change any user’s password

Cisco has fixed a maximum severity vulnerability that allows attackers to change any user’s password on vulnerable Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers, including administrators. The flaw also impacts SSM On-Prem installations earlier than Release 7.0, known as Cisco Smart Software Manager Satellite (SSM Satellite).As a Cisco Smart Licensing component, SSM On-Prem assists service providers and Cisco partners in managing customer accounts and product licenses.

 

Treasury group unveils guidance for financial sector on cloud adoption

The Treasury Department and an industry-led nonprofit on Wednesday released secure cloud adoption guidance for financial institutions, the culmination of a year-long effort that the agency’s deputy secretary called “critically important to our work on cybersecurity.” The suite of resources released by Treasury and the Financial Services Sector Coordinating Council as part of the public-private Cloud Executive Steering Group is intended to address gaps called out in the department’s February 2023 report on the industry’s use of cloud services.  During a press briefing in Washington, D.C. to unveil the cloud guidance, Deputy Treasury Secretary Wally Adeyemo said the steering group’s work with cloud providers “is a demonstration that we have the ability to work beyond just the financial system.”

Related Posts