101010.pl

Walker<a href="https://cyberplace.social/@GossiTheDog" class="u-url mention" rel="nofollow noopener" target="_blank">@GossiTheDog</a> its not like DFIR relies on audit logs.For fucks sake, Microsoft.<a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#incidentresponse</a> <a href="https://infosec.exchange/tags/dfir" class="mention hashtag" rel="nofollow noopener" target="_blank">#dfir</a>

Dissent Doe :cupofcoffee:First it looked like Clinical Diagnostics (Eurofins) had paid Nova ransomware gang not to leak the Dutch patient data for 485k women in cancer screening program. Nova even confirmed they got paid to a news outlet (which in and of itself is weird, as most gangs will not acknowledge payment). But then yesterday, Nova changed the listing and seems to now be demanding more payment because the police got involved? It's very hard to figure out what Nova is saying in their broken English and translations of where they now write in Russian. See what you think:<a href="https://databreaches.net/2025/08/19/when-a-deal-is-not-a-done-deal-nova-demands-higher-payment-from-clinical-diagnostics/" rel="nofollow noopener" translate="no" target="_blank">https://databreaches.net/2025/08/19/when-a-deal-is-not-a-done-deal-nova-demands-higher-payment-from-clinical-diagnostics/</a><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#ransomware</a> <a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#healthsec</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#incidentresponse</a>

Chum1ng0 - Security Research :verified:<a href="https://infosec.exchange/tags/Brazil" class="mention hashtag" rel="nofollow noopener" target="_blank">#Brazil</a>: 121,981 files were exposed without security on a server containing health documents.*I contacted the Acqua Institute via email reporting their server being compromised, attaching this email with CERT BR; none of these entities responded to my email*-The server was blocked on July 16th--I tried to contact the ANPD (National Data Protection Authority) but never received a response.-I contacted a data protection expert who answered my questions that the ANPD couldn't answer via email.-The data controller may have informed the ANPD, we don't know...Read more: <a href="https://medium.com/@newschu.substack.com/brazil-121-981-files-were-exposed-without-security-on-a-server-containing-health-documents-50dee9f31bb1" rel="nofollow noopener" translate="no" target="_blank">https://medium.com/@newschu.substack.com/brazil-121-981-files-were-exposed-without-security-on-a-server-containing-health-documents-50dee9f31bb1</a><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#dataleak</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#incidentresponse</a> <a href="https://infosec.exchange/@PogoWasRight" class="u-url mention" rel="nofollow noopener" target="_blank">@PogoWasRight</a>

Dissent Doe :cupofcoffee:Well, I've had it. The firm responsible for exposed court and prosecution files from at least two states has not responded to phone calls, emails, LinkedIn messages, or contacts by their host. On Saturday, I called the FBI tip line and let them know what's going on. Maybe the FBI will call me and ask me for the IP addresses so they can call the firm and tell them to lock down the damned shares. Then today, I filed a formal <a href="https://infosec.exchange/tags/FTC" class="mention hashtag" rel="nofollow noopener" target="_blank">#FTC</a> complaint against the firm for violation of Section 5 of the FTC Act for its inadequate security, its failure to have any procedure to receive, evaluate, and escalate third -party alerts of security issues, and for using the same password in all client installations for a Msql SQL database.And oh, last night I learned that a court system in a third state was not only exposed, too, but was hit by ransomware in March. Lovely. <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#incidentresponse</a> <a href="https://infosec.exchange/tags/FTC" class="mention hashtag" rel="nofollow noopener" target="_blank">#FTC</a> <a href="https://infosec.exchange/tags/govsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#govsec</a> <a href="https://infosec.exchange/tags/judiciary" class="mention hashtag" rel="nofollow noopener" target="_blank">#judiciary</a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#dataleak</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#databreach</a>

al3xhey friends, still me, still sharing roles even in the full of summer. someone i know is the SOC lead for a MSSP and is looking for a DFIR person for a weekend 4/10 shift. anyone interested? hmu with your linkedin and i’ll pass along 😊<a href="https://infosec.exchange/tags/getfedihired" class="mention hashtag" rel="nofollow noopener" target="_blank">#getfedihired</a> <a href="https://infosec.exchange/tags/dfir" class="mention hashtag" rel="nofollow noopener" target="_blank">#dfir</a> <a href="https://infosec.exchange/tags/soc" class="mention hashtag" rel="nofollow noopener" target="_blank">#soc</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#incidentresponse</a>

Dissent Doe :cupofcoffee:So as a quick update on the issue of two state courts that we know of exposing sealed records: Last night, those of us still trying to figure out who was responsible figured it out -- it is a vendor (third-party) who is responsible for the exposed shares. With the researcher's cooperation and input, I sent a detailed email last night to the only email address that vendor has on their website. No reply was received, of course. So I just called their main number... and started to tell them why I was calling, and they hung up on me.😡 I just called back. They didn't answer the phone, so I left a VM on their administrative offices' extension. If the firm doesn't call me back or lock down those shares today, expect me to say more here tomorrow. It is now 1 month since people started trying to get these shares secured. None of us are paid to do this. And getting hung up on should get the company a <a href="https://infosec.exchange/tags/CID" class="mention hashtag" rel="nofollow noopener" target="_blank">#CID</a> from the <a href="https://infosec.exchange/tags/FTC" class="mention hashtag" rel="nofollow noopener" target="_blank">#FTC</a> in a more perfect world -- to ask what their procedures and policies are for receiving a security alert from an external (third) party.<a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#incidentresponse</a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#dataleak</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#databreach</a>

Dissent Doe :cupofcoffee:Promises, promises. Exclusive: Brosix and Chatox promised to keep your chats secured. They didn’t.A researcher found a misconfigured backup with -- yes, you guessed it -- everything in plaintext instead of encrypted. Some entities that used the service are medical entities that were actually mentioning protected health information or attaching files with <a href="https://infosec.exchange/tags/PHI" class="mention hashtag" rel="nofollow noopener" target="_blank">#PHI</a> in the chat. There were almost 5k Allstate employees using the service and sharing customer <a href="https://infosec.exchange/tags/PII" class="mention hashtag" rel="nofollow noopener" target="_blank">#PII</a> in files. And oh yeah, I found one company gossiping about me and plotting against me after I notified them they were leaking tons of <a href="https://infosec.exchange/tags/PHI" class="mention hashtag" rel="nofollow noopener" target="_blank">#PHI</a>. I've done them a favor by not publishing all their chat logs about me. :) There also appeared to be some "dodgy" stuff on the backup, too. Read the details about the exposed backup in my post at <a href="https://databreaches.net/2025/08/05/exclusive-brosix-and-chatox-promised-to-keep-your-chats-secured-they-didnt/" rel="nofollow noopener" translate="no" target="_blank">https://databreaches.net/2025/08/05/exclusive-brosix-and-chatox-promised-to-keep-your-chats-secured-they-didnt/</a><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#encryption</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#incidentresponse</a> <a href="https://infosec.exchange/tags/chatox" class="mention hashtag" rel="nofollow noopener" target="_blank">#chatox</a> <a href="https://infosec.exchange/tags/brosix" class="mention hashtag" rel="nofollow noopener" target="_blank">#brosix</a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#dataleak</a><a href="https://mastodon.social/@zackwhittaker" class="u-url mention" rel="nofollow noopener" target="_blank">@zackwhittaker</a>

Dissent Doe :cupofcoffee:A number of sites are misreporting a Premier Health Partners breach as affecting 154,731 patients. That number was actually a partial number from an earlier incident and not from the 2023 one they have just issued a press release about. More background and details at:<a href="https://databreaches.net/2025/07/20/premier-health-partners-issues-a-press-release-about-a-breach-two-years-ago-why-was-this-needed-now/" rel="nofollow noopener" translate="no" target="_blank">https://databreaches.net/2025/07/20/premier-health-partners-issues-a-press-release-about-a-breach-two-years-ago-why-was-this-needed-now/</a><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/HIPAA" class="mention hashtag" rel="nofollow noopener" target="_blank">#HIPAA</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#incidentresponse</a>

Pen Test PartnersA critical vulnerability in old Telerik software gave an attacker remote code execution on an SFTP-only Windows server. That meant they didn’t need credentials, antivirus didn’t trigger, and default log sizes meant almost nothing useful was captured.From there? PowerShell exclusions, admin account created, RDP tunnelled in via Ngrok, ransomware deployed. They even opened Pornhub either to cover traffic or celebrate the moment. Who knows?This attack wasn’t subtle. But it worked because basic controls were missing. We’ve broken down the incident. Plus, recommendations you can act on now to prevent the same thing.📌<a href="https://www.pentestpartners.com/security-blog/sil3ncer-deployed-rce-porn-diversion-and-ransomware-on-an-sftp-only-server/" rel="nofollow noopener" translate="no" target="_blank">https://www.pentestpartners.com/security-blog/sil3ncer-deployed-rce-porn-diversion-and-ransomware-on-an-sftp-only-server/</a><a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#IncidentResponse</a> <a href="https://infosec.exchange/tags/Ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#Ransomware</a> <a href="https://infosec.exchange/tags/ThreatDetection" class="mention hashtag" rel="nofollow noopener" target="_blank">#ThreatDetection</a> <a href="https://infosec.exchange/tags/DigitalForensics" class="mention hashtag" rel="nofollow noopener" target="_blank">#DigitalForensics</a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#InfoSec</a>

Brian Greenberg :verified:A major cybersecurity legal case is moving forward. ✈️ Delta Air Lines proceeding with its $550M+ lawsuit against CrowdStrike over the July 2024 outage that canceled 7,000 flights and impacted 1.3M passengers.⚖️ The court allowed claims of: 🧠 Gross negligence 💻 Computer trespass 🕵️‍♂️ Limited fraud📉 Delta claims the update could have been caught with a simple test. CrowdStrike is pushing back, saying damages should be limited under Georgia law. This case may redefine how courts view software vendor liability, especially for updates in critical infrastructure.💬 Should companies expect higher legal accountability for third-party software failures?<a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/Delta" class="mention hashtag" rel="nofollow noopener" target="_blank">#Delta</a> <a href="https://infosec.exchange/tags/CrowdStrike" class="mention hashtag" rel="nofollow noopener" target="_blank">#CrowdStrike</a> <a href="https://infosec.exchange/tags/LegalTech" class="mention hashtag" rel="nofollow noopener" target="_blank">#LegalTech</a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#IncidentResponse</a><a href="https://www.reuters.com/sustainability/boards-policy-regulation/delta-can-sue-crowdstrike-over-computer-outage-that-caused-7000-canceled-flights-2025-05-19/" rel="nofollow noopener" translate="no" target="_blank">https://www.reuters.com/sustainability/boards-policy-regulation/delta-can-sue-crowdstrike-over-computer-outage-that-caused-7000-canceled-flights-2025-05-19/</a>

Dissent Doe :cupofcoffee:In August 2020, <a href="https://infosec.exchange/@SchizoDuckie" class="u-url mention" rel="nofollow noopener" target="_blank">@SchizoDuckie</a> and I published what was to become the first of a series of articles or posts called "No Need to Hack When It's Leaking."In today's installment, I bring you "No Need to Hack When It's Leaking: Brandt Kettwick Defense Edition." It chronicles efforts by <a href="https://infosec.exchange/@JayeLTee" class="u-url mention" rel="nofollow noopener" target="_blank">@JayeLTee</a>, <a href="https://infosec.exchange/@masek" class="u-url mention" rel="nofollow noopener" target="_blank">@masek</a>, and I to alert a Minnesota law firm to lock down their exposed files, some of which were quite sensitive.Read the post and see how even the state's Bureau of Criminal Apprehension had trouble getting this law firm to respond appropriately. <a href="https://databreaches.net/2025/07/04/no-need-to-hack-when-its-leaking-brandt-kettwick-defense-edition/" rel="nofollow noopener" translate="no" target="_blank">https://databreaches.net/2025/07/04/no-need-to-hack-when-its-leaking-brandt-kettwick-defense-edition/</a>Great thanks to the Minnesota Bureau of Criminal Apprehension for their help on this one, and to <a href="https://infosec.exchange/@TonyYarusso" class="u-url mention" rel="nofollow noopener" target="_blank">@TonyYarusso</a> and <a href="https://hachyderm.io/@bkoehn" class="u-url mention" rel="nofollow noopener" target="_blank">@bkoehn</a> for their efforts. <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#dataleak</a> <a href="https://infosec.exchange/tags/misconfiguration" class="mention hashtag" rel="nofollow noopener" target="_blank">#misconfiguration</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#incidentresponse</a> <a href="https://infosec.exchange/tags/incidentmanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#incidentmanagement</a> <a href="https://infosec.exchange/tags/responsibledisclosure" class="mention hashtag" rel="nofollow noopener" target="_blank">#responsibledisclosure</a> <a href="https://infosec.exchange/tags/securityalert" class="mention hashtag" rel="nofollow noopener" target="_blank">#securityalert</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a>

Walker<a href="https://cyberplace.social/@GossiTheDog" class="u-url mention" rel="nofollow noopener" target="_blank">@GossiTheDog</a> See, this is why I like this field, when people are involved you always see something new. The third party ransomware negotiator, negotiated kickbacks from the ransomware actor when negotiating the ransom payment for their client. Amazing.<a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#incidentresponse</a> <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#ransomware</a>

Dissent Doe :cupofcoffee:With great thanks to <a href="https://infosec.exchange/@masek" class="u-url mention" rel="nofollow noopener" target="_blank">@masek</a> and <a href="https://infosec.exchange/@JayeLTee" class="u-url mention" rel="nofollow noopener" target="_blank">@JayeLTee</a> and others who assisted or tried to, including Rogers ISP and law enforcement in Canada, we can finally say:Bolton Walk-In Clinic patient data leak locked down! Read about this very frustrating effort to get exposed patient data locked down:<a href="https://databreaches.net/2025/06/30/bolton-walk-in-clinic-patient-data-leak-locked-down-finally/" rel="nofollow noopener" translate="no" target="_blank">https://databreaches.net/2025/06/30/bolton-walk-in-clinic-patient-data-leak-locked-down-finally/</a><a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#healthsec</a> <a href="https://infosec.exchange/tags/PHIPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#PHIPA</a> <a href="https://infosec.exchange/tags/HIPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#HIPA</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#infosec</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#incidentresponse</a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#dataleak</a>

Dissent Doe :cupofcoffee:<a href="https://infosec.exchange/@masek" class="u-url mention" rel="nofollow noopener" target="_blank">@masek</a> <a href="https://infosec.exchange/@JayeLTee" class="u-url mention" rel="nofollow noopener" target="_blank">@JayeLTee</a> For the life of me, I cannot understand why this got kicked over to the anti-rackets branch, but thank you for what you managed to accomplish. I will post an update to this leak on my blog sometime this week, but in the interim:Any patients of the Bolton Walk-In Clinic should consider filing a complaint with the provincial Privacy Commission and requesting an investigation into the clinic's failure to comply with medical privacy laws such as PHIPA. IMO, the IPC should also be asked to require the clinic to notify every patient whose unencrypted information was exposed. Additional details about earlier efforts by <a href="https://infosec.exchange/@JayeLTee" class="u-url mention" rel="nofollow noopener" target="_blank">@JayeLTee</a> and I to get this leak secured can be found in my post at <a href="https://databreaches.net/2024/12/03/bolton-walk-in-clinic-in-ontario-lock-down-your-backup-already/" rel="nofollow noopener" translate="no" target="_blank">https://databreaches.net/2024/12/03/bolton-walk-in-clinic-in-ontario-lock-down-your-backup-already/</a><a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#dataleak</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#incidentresponse</a> <a href="https://infosec.exchange/tags/PHIPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#PHIPA</a> <a href="https://infosec.exchange/tags/Ontario" class="mention hashtag" rel="nofollow noopener" target="_blank">#Ontario</a> <a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#healthsec</a>

The DFIR ReportAnnouncing the DFIR Labs Digital Forensics Challenge - Enterprise Edition! This isn't another textbook simulation. We're giving your team exclusive access to a brand-new, unreleased case from a real incident.🗓️ When: August 30, 2025 (14:00 – 18:00 UTC) 🛠️ Choose your SIEM: Azure Log Analytics, Elastic, or Splunk. 🕵️ Your Squad: Form a team of 2-3 analysts. 🏆 The Glory: Solve the case, claim bragging rights, and win prizes for the top team!Spaces are limited. Assemble your elite team and register now to secure your spot!Register Here: <a href="https://dfirlabs.thedfirreport.com/dfirchallenge-enterprise-edition" rel="nofollow noopener" translate="no" target="_blank">https://dfirlabs.thedfirreport.com/dfirchallenge-enterprise-edition</a><a href="https://infosec.exchange/tags/DFIR" class="mention hashtag" rel="nofollow noopener" target="_blank">#DFIR</a> <a href="https://infosec.exchange/tags/DigitalForensics" class="mention hashtag" rel="nofollow noopener" target="_blank">#DigitalForensics</a> <a href="https://infosec.exchange/tags/IncidentResponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#IncidentResponse</a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#InfoSec</a>

Dissent Doe :cupofcoffee:McLaren provides written notice to 743,131 patients after ransomware attack in July 2024:<a href="https://databreaches.net/2025/06/22/mclaren-provides-written-notice-to-743131-patients-after-ransomware-attack-in-july-2024/" rel="nofollow noopener" translate="no" target="_blank">https://databreaches.net/2025/06/22/mclaren-provides-written-notice-to-743131-patients-after-ransomware-attack-in-july-2024/</a><a href="https://infosec.exchange/tags/HealthSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#HealthSec</a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/encryption" class="mention hashtag" rel="nofollow noopener" target="_blank">#encryption</a> <a href="https://infosec.exchange/tags/extortion" class="mention hashtag" rel="nofollow noopener" target="_blank">#extortion</a> <a href="https://infosec.exchange/tags/transparency" class="mention hashtag" rel="nofollow noopener" target="_blank">#transparency</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#incidentresponse</a> This was their second ransomware attack in a year. Personal injury lawyers are already recruiting plaintiffs. <a href="https://mastodon.social/@campuscodi" class="u-url mention" rel="nofollow noopener" target="_blank">@campuscodi</a> <a href="https://infosec.exchange/@amvinfe" class="u-url mention" rel="nofollow noopener" target="_blank">@amvinfe</a> <a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener" target="_blank">@brett</a>

Frontend DogmaWant to Be a Better Frontend Engineer? Try a Week On-Call, by (not on Mastodon or Bluesky):<a href="https://denodell.com/blog/try-a-week-on-call" rel="nofollow noopener" translate="no" target="_blank">https://denodell.com/blog/try-a-week-on-call</a><a href="https://mas.to/tags/career" class="mention hashtag" rel="nofollow noopener" target="_blank">#career</a> <a href="https://mas.to/tags/training" class="mention hashtag" rel="nofollow noopener" target="_blank">#training</a> <a href="https://mas.to/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#incidentresponse</a>

Dissent Doe :cupofcoffee:Attribution is hard, Thursday edition...NEW by me: A guilty plea in the PowerSchool case still leaves unanswered questions<a href="https://databreaches.net/2025/06/12/a-guilty-plea-in-the-powerschool-case-still-leaves-unanswered-questions/" rel="nofollow noopener" translate="no" target="_blank">https://databreaches.net/2025/06/12/a-guilty-plea-in-the-powerschool-case-still-leaves-unanswered-questions/</a><a href="https://infosec.exchange/tags/PowerSchool" class="mention hashtag" rel="nofollow noopener" target="_blank">#PowerSchool</a> <a href="https://infosec.exchange/tags/hack" class="mention hashtag" rel="nofollow noopener" target="_blank">#hack</a> <a href="https://infosec.exchange/tags/extortion" class="mention hashtag" rel="nofollow noopener" target="_blank">#extortion</a> <a href="https://infosec.exchange/tags/attribution" class="mention hashtag" rel="nofollow noopener" target="_blank">#attribution</a> <a href="https://infosec.exchange/tags/transparency" class="mention hashtag" rel="nofollow noopener" target="_blank">#transparency</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#incidentresponse</a> <a href="https://infosec.exchange/@douglevin" class="u-url mention" rel="nofollow noopener" target="_blank">@douglevin</a> <a href="https://freeradical.zone/@funnymonkey" class="u-url mention" rel="nofollow noopener" target="_blank">@funnymonkey</a> <a href="https://journa.host/@mkeierleber" class="u-url mention" rel="nofollow noopener" target="_blank">@mkeierleber</a> <a href="https://infosec.exchange/@brett" class="u-url mention" rel="nofollow noopener" target="_blank">@brett</a>

Healthcare IT Security RobotDATE: June 05, 2025 at 08:37AM SOURCE: HEALTHCARE INFO SECURITYDirect article link at end of text block below.What are the most commonly overlooked details of <a href="https://mastodon.clinicians-exchange.org/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#ransomware</a> <a href="https://mastodon.clinicians-exchange.org/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#incidentresponse</a> plans? <a href="https://t.co/cL89jDVfGq" rel="nofollow noopener" translate="no" target="_blank">https://t.co/cL89jDVfGq</a>Here are any URLs found in the article text: <a href="https://t.co/cL89jDVfGq" rel="nofollow noopener" translate="no" target="_blank">https://t.co/cL89jDVfGq</a>Articles can be found by scrolling down the page at <a href="https://www.healthcareinfosecurity.com/" rel="nofollow noopener" translate="no" target="_blank">https://www.healthcareinfosecurity.com/</a> under the title "Latest"-------------------------------------------------Private, vetted email list for mental health professionals: <a href="https://www.clinicians-exchange.org" rel="nofollow noopener" translate="no" target="_blank">https://www.clinicians-exchange.org</a>Healthcare security & privacy posts not related to IT or infosec are at <a href="https://mastodon.clinicians-exchange.org/@HIPAABot" class="u-url mention" rel="nofollow noopener" target="_blank">@HIPAABot</a> . Even so, they mix in some infosec with the legal & regulatory information.-------------------------------------------------<a href="https://mastodon.clinicians-exchange.org/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://mastodon.clinicians-exchange.org/tags/healthcare" class="mention hashtag" rel="nofollow noopener" target="_blank">#healthcare</a> <a href="https://mastodon.clinicians-exchange.org/tags/doctors" class="mention hashtag" rel="nofollow noopener" target="_blank">#doctors</a> <a href="https://mastodon.clinicians-exchange.org/tags/itsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#itsecurity</a> <a href="https://mastodon.clinicians-exchange.org/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#hacking</a> <a href="https://mastodon.clinicians-exchange.org/tags/doxxing" class="mention hashtag" rel="nofollow noopener" target="_blank">#doxxing</a> <a href="https://mastodon.clinicians-exchange.org/tags/psychotherapy" class="mention hashtag" rel="nofollow noopener" target="_blank">#psychotherapy</a> <a href="https://mastodon.clinicians-exchange.org/tags/securitynews" class="mention hashtag" rel="nofollow noopener" target="_blank">#securitynews</a> <a href="https://mastodon.clinicians-exchange.org/tags/psychotherapist" class="mention hashtag" rel="nofollow noopener" target="_blank">#psychotherapist</a> <a href="https://mastodon.clinicians-exchange.org/tags/mentalhealth" class="mention hashtag" rel="nofollow noopener" target="_blank">#mentalhealth</a> <a href="https://mastodon.clinicians-exchange.org/tags/psychiatry" class="mention hashtag" rel="nofollow noopener" target="_blank">#psychiatry</a> <a href="https://mastodon.clinicians-exchange.org/tags/hospital" class="mention hashtag" rel="nofollow noopener" target="_blank">#hospital</a> <a href="https://mastodon.clinicians-exchange.org/tags/socialwork" class="mention hashtag" rel="nofollow noopener" target="_blank">#socialwork</a> <a href="https://mastodon.clinicians-exchange.org/tags/datasecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#datasecurity</a> <a href="https://mastodon.clinicians-exchange.org/tags/webbeacons" class="mention hashtag" rel="nofollow noopener" target="_blank">#webbeacons</a> <a href="https://mastodon.clinicians-exchange.org/tags/cookies" class="mention hashtag" rel="nofollow noopener" target="_blank">#cookies</a> <a href="https://mastodon.clinicians-exchange.org/tags/HIPAA" class="mention hashtag" rel="nofollow noopener" target="_blank">#HIPAA</a> <a href="https://mastodon.clinicians-exchange.org/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#privacy</a> <a href="https://mastodon.clinicians-exchange.org/tags/datanalytics" class="mention hashtag" rel="nofollow noopener" target="_blank">#datanalytics</a> <a href="https://mastodon.clinicians-exchange.org/tags/healthcaresecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#healthcaresecurity</a> <a href="https://mastodon.clinicians-exchange.org/tags/healthitsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#healthitsecurity</a> <a href="https://mastodon.clinicians-exchange.org/tags/patientrecords" class="mention hashtag" rel="nofollow noopener" target="_blank">#patientrecords</a> <a href="https://a.gup.pe/u/infosec" class="u-url mention" rel="nofollow noopener" target="_blank">@infosec</a> <a href="https://mastodon.clinicians-exchange.org/tags/telehealth" class="mention hashtag" rel="nofollow noopener" target="_blank">#telehealth</a> <a href="https://mastodon.clinicians-exchange.org/tags/netneutrality" class="mention hashtag" rel="nofollow noopener" target="_blank">#netneutrality</a> <a href="https://mastodon.clinicians-exchange.org/tags/socialengineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#socialengineering</a>

Dissent Doe :cupofcoffee:It looks like the Gunra ransomware gang is escalating its leak of data from American Hospital Dubai ("AHD"). Their spokesperson informs me that they are planning to leak the data on the clearnet so more people will have access to downloading it. AHD did not respond to my email inquiries yesterday. A second request was emailed to them this morning. Background on this attack and AHD's internal communications about the breach:<a href="https://databreaches.net/2025/06/04/ransomware-group-gunra-claims-to-have-exfiltrated-450-million-patient-records-from-american-hospital-dubai/" rel="nofollow noopener" translate="no" target="_blank">https://databreaches.net/2025/06/04/ransomware-group-gunra-claims-to-have-exfiltrated-450-million-patient-records-from-american-hospital-dubai/</a><a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#databreach</a> <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#ransomware</a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#incidentresponse</a> <a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#healthsec</a> <a href="https://infosec.exchange/tags/UAE" class="mention hashtag" rel="nofollow noopener" target="_blank">#UAE</a> <a href="https://infosec.exchange/tags/Gunra" class="mention hashtag" rel="nofollow noopener" target="_blank">#Gunra</a>

Recent searches

Search options

Administered by:

Server stats:

#incidentresponse