InfoSec News Nuggets 05/25/2022

Chicago students lose data to ransomware attackers Chicago Public Schools (CPS) disclosed on Friday that students may have had their data taken in a ransomware incident involving one of its vendors. The ransomware attack happened last December at Battelle for Kids (BfK), based in Columbus Ohio, which develops services to provide innovation in schools for students and teachers. Around 490,000 students and 56,000 employees found their data breached by those responsible for the ransomware. The data accessed by criminals,…
Read More

InfoSec News Nuggets 05/23/2022

Researchers Spot Supply Chain Attack Targeting GitLab CI Pipelines Security researchers at SentinelLabs are calling attention to a software chain supply attack targeting Rust developers with malware aimed directly at infecting GitLab Continuous Integration (CI) pipelines. The campaign, dubbed CrateDepression, combines typosquatting and the impersonation of a known Rust developer to push a malicious ‘crate’ hosted on the Rust dependency community repository.  (Editor’s note: A crate is a compilation unit in Rust). The malicious crate was…
Read More