After negotiations failed when the game studio refused to pay the $2 million ransom, Rhysida dumped 1,67 TB of documents on its dark web leak site.

"We are aware that the stolen data includes personal information belonging to our employees, former employees, and independent contractors."

"SSH-Snake is a self-modifying worm that leverages SSH credentials discovered on a compromised system to start spreading itself throughout the network," Sysdig researcher Miguel Hernández said.

The five malicious apps are:

1. Phone Cleaner - File Explorer (com.volabs.androidcleaner)
2. PDF Viewer - File Explorer (com.xolab.fileexplorer)
3. PDF Reader - Viewer & Editor (com.jumbodub.fileexplorerpdfviewer)
4. Phone Cleaner: File Explorer (com.appiclouds.phonecleaner)
5. PDF Reader: File Manager (com.tragisoap.fileandpdfmanager)

However, this bug caused some DNS queries to be sent to the DNS server configured on the computer, usually a server at the user's ISP, allowing the server to track a user's browsing habits.

The company said the exposure includes names, dates of birth, insurer details, social security numbers, marital status, civil status, and guarantees open to third-party payment.

No exploitations have been observed in the wild as of yet, according to the company's European site, but owners should scan for indicators of compromise given that the bugs have been publicly known but unpatched for months.

Beyond the obvious step of updating to the latest firmware, Canon is advising its customers to "set a private IP address for the products and create a network environment with a firewall or wired/Wi-Fi router that can restrict network access."

Ex-CIA software engineer who leaked to WikiLeaks sentenced to 40 years

2 Feb 2024

Joshua Schulte had been found guilty of handing over classified materials in so-called Vault 7 leak.

The so-called Vault 7 leak was a major embarrassment for the CIA [File: Larry Downing/Reuters]

A former CIA software engineer has been sentenced to 40 years in prison for leaking classified information and possessing child sexual abuse material.

Joshua Schulte, 35, was found guilty in 2022 of four counts each of espionage and computer hacking and one count of lying to FBI agents after handing over classified materials to whistleblowing organisation WikiLeaks.

Schulte was also convicted of contempt of court and making false statements in 2020, and possession of child abuse material last year.

The bulk of the sentence announced on Thursday was imposed over the so-called Vault 7 leak, which revealed embarrassing details of the CIA’s spying overseas.

The leak, which the CIA called a “digital Pearl Harbor”, showed how US spies hacked Apple and Android smartphones and sought to turn internet-connected televisions into listening devices.

The security breach prompted US officials to plan for an “all-out war” against Wikileaks, including discussing the possible kidnapping or assassination of its founder Julian Assange, Yahoo News reported, citing anonymous officials.

Assange was indicted on espionage charges in 2019 – a move that prompted condemnation by press freedom organisations – and is currently in Britain fighting extradition to the US.

Judge Jesse M Furman said the full extent of the damage caused by Schulte would likely never be known “but I have no doubt it was massive”.

Furman said Schulte had also continued to commit crimes while in jail by trying to leak more classified materials and by creating a hidden file on his computer that contained child sexual abuse images.

US Attorney Damian Williams said in a statement that Schulte had committed some of the “most brazen, heinous crimes of espionage in American history”.

“He caused untold damage to our national security in his quest for revenge against the CIA for its response to Schulte’s security breaches while employed there,” Williams said.

Addressing the court ahead of his sentencing, Schulte complained about harsh conditions he had endured in detention, including being denied hot water and being subjected to constant noise and artificial light.

Schulte also said it was unfair for prosecutors to seek a life sentence as they had previously offered a plea deal that would have seen him sentenced to 10 years in prison.

“This is not justice the government seeks, but vengeance,” he said.

cross-posted from: https://lemy.lol/post/18411383

I just got the email from haveibeenpwned. F Trello.