banner
LightNews
mathewjschwartz.bsky.social
Mathew J Schwartz
@mathewjschwartz.bsky.social
140 followers 95 following 620 posts
Cybersecurity reporter
Posts Media Videos Starter Packs
mathewjschwartz.bsky.social
Mathew J Schwartz @mathewjschwartz.bsky.social · 1m
A Cambodian multinational conglomerate with ties to the country's ruling elite is actually a transnational criminal group raking in tens of millions per day from online scams perpetuated by forced labor held in compounds, say federal prosecutors.
www.govinfosecurity.com/cambodian-co...
Cambodian Conglomerate a 'Pig Butchering' Outfit, Says US
A Cambodian multinational conglomerate with ties to the country's ruling elite is actually a transnational criminal group raking in tens of millions per day from
www.govinfosecurity.com
mathewjschwartz.bsky.social
Mathew J Schwartz @mathewjschwartz.bsky.social · 2h
Fix for Confidential Virtual Machine flaw: AMD is in the process of pushing patches to users and OEMs, to fix SEV-SNP race condition vulnerability (CVE-2025-0033) in its processors. www.databreachtoday.com/confidential...
Confidential Virtual Machine Flaw: AMD Patch Push Underway
Chipmaker Advanced Micro Devices is issuing fixes for a vulnerability in multiple types of processors, dubbed "RMPocalypse," that attackers could exploit
www.databreachtoday.com
mathewjschwartz.bsky.social
Mathew J Schwartz @mathewjschwartz.bsky.social · 2h
Cybersecurity market moves: Code review platform Snyk finds itself at crossroads as its IPO prospects dim
www.databreachtoday.com/blogs/snyk-f...
Snyk Finds Itself at Crossroads as Its IPO Prospects Dim
Slowing growth, continued losses and increased competition have turned a Snyk IPO into an increasingly unlikely prospect. The Information reported this month that Snyk has spoken with at least three…
www.databreachtoday.com
mathewjschwartz.bsky.social
Mathew J Schwartz @mathewjschwartz.bsky.social · 17h
Pro-Russia hacktivists fall for cybersecurity firm's fake water utility honeypot network
www.databreachtoday.com/pro-russian-...
Pro-Russian TwoNet Hacktivists Target Water Utility Honeypot
A pro-Russian hacktivist group boasted on Telegram that it hacked a Western water treatment plant - but actually succeeded in attacking a honeypot left by security
www.databreachtoday.com
mathewjschwartz.bsky.social
Mathew J Schwartz @mathewjschwartz.bsky.social · 20h
Europe postpones 'chat control' vote
www.databreachtoday.com/europe-postp...
Europe Postpones 'Chat Control' Vote
A European content scanning proposal intended to enhance online child safety stalled after German lawmakers voiced opposition and member states canceled a planned
www.databreachtoday.com
mathewjschwartz.bsky.social
Mathew J Schwartz @mathewjschwartz.bsky.social · 1d
Salesforce customer-targeting extortion group leaks data after FBI disruption www.databreachtoday.com/salesforce-e...
Salesforce Extortion Group Leaks Data After FBI Disruption
A ransomware group that's been extorting Salesforce customers leaked some stolen data, following the FBI disrupting its shakedown sites. ShinyHunters, part of the
www.databreachtoday.com
2 1
mathewjschwartz.bsky.social
Mathew J Schwartz @mathewjschwartz.bsky.social · 1d
Totally legit, totally
1 1
mathewjschwartz.bsky.social
Mathew J Schwartz @mathewjschwartz.bsky.social · 1d
Salesforce extortion group Scattered Lapsus$ Hunters leaked 6 victims' data, following the FBI disrupting its data-leak sites, and claims that's the end of its Salesforce leaks. "What was leaked was leaked - we are not leaking anything else because we can't." www.databreachtoday.com/salesforce-e...
Salesforce Extortion Group Leaks Data After FBI Disruption
A ransomware group that's been extorting Salesforce customers leaked some stolen data, following the FBI disrupting its shakedown sites. ShinyHunters, part of the
www.databreachtoday.com
1 2
mathewjschwartz.bsky.social
Mathew J Schwartz @mathewjschwartz.bsky.social · 2d
As geopolitical chaos increases, the US government's lead cybersecurity agency CISA is in disarray amid the ongoing government shutdown due to growing political threats, personnel cuts and a mounting resource crisis www.govinfosecurity.com/cisa-in-disa...
CISA in Disarray Amid Shutdown and Growing Political Threats
Facing major turnover, partisan upheaval and a government shutdown, the U.S. cyber defense agency is now operating at a fraction of its strength, leaving states and
www.govinfosecurity.com
1
mathewjschwartz.bsky.social
Mathew J Schwartz @mathewjschwartz.bsky.social · 2d
Fortra confirms 'unauthorized activity' hit GoAnywhere MFT, with Medusa ransomware group tied to exploits of now-patched zero-day vulnerability www.databreachtoday.com/fortra-confi...
Fortra Confirms 'Unauthorized Activity' Hit GoAnywhere MFT
Recent attacks targeting Fortra's GoAnywhere managed file transfer software exploited a "limited" number of customers who set their on-premises
www.databreachtoday.com
Reposted by Mathew J Schwartz
ransomwaresommelier.com
Allan “Ransomware Sommelier” Liska @ransomwaresommelier.com · 2d
In hono[u]r of spooky month, share a 4 word horror story that only someone in your profession would understand.

"No evidence data stolen"

h/t the amazing @zackwhittaker.com for highlighting this thread in his newsletter.
tyranny.sparklenoise.com
🫧 Spark Elation 🫧 @tyranny.sparklenoise.com · 3d
In honour of spooky month, share a 4 word horror story that only someone in your profession would understand.

“a supply chain attack”
queenoliviaiii.com
Queen Olivia III @queenoliviaiii.com · 3d
In honour of spooky month, share a 4 word horror story that only someone in your profession would understand.

“The tapes wouldn’t start”
2 5 16
mathewjschwartz.bsky.social
Mathew J Schwartz @mathewjschwartz.bsky.social · 4d
Weekly Cryptohack Roundup
—North Korean threat actors set a new record, stealing $2 billion this year (so far)
—Hackers steal $21M from SBI crypto
—Shibarium plans reimbursement for $4M bridge exploit victims
—Abracadabra loses $1.8M in a hack
www.databreachtoday.com/cryptohack-r...
Cryptohack Roundup: $21 Million SBI Crypto Heist
This week, hackers stole $21 million from SBI crypto, Shibarium planned reimbursement for $4 million bridge exploit victims, Abracadabra lost $1.8 million in a hack
www.databreachtoday.com
1
mathewjschwartz.bsky.social
Mathew J Schwartz @mathewjschwartz.bsky.social · 4d
Weekly Data Breach Roundup:
—Moody's survey finds insurers keen for cybersecurity spending
—Renault sees third-party breach in U.K.
—WhatsApp malware campaign hits Brazil
—Germany skeptical of Chat Control
—UK teens arrested over a ransomware hit on nursery
www.databreachtoday.com/breach-round...
Breach Roundup: Insurers Spend Big on Cybersecurity
This week, insurer cybersecurity spending, a Renault breach, a WhatsApp malware campaign in Brazil. Germany skeptical of Chat Control. Two UK teens arrested for
www.databreachtoday.com
mathewjschwartz.bsky.social
Mathew J Schwartz @mathewjschwartz.bsky.social · 5d
Pressure tactics: Salesforce rebuffs ShinyHunters data-extortion group's ransom demand, as the criminals behind the Salesloft breach continue to shake down Salesforce-using customers.
www.databreachtoday.com/salesforce-r...
Salesforce Rebuffs ShinyHunters Extortionists' Ransom Demand
Customer relationship management software giant Salesforce has directly notified customers that it won't be complying with ransom demands issued by the
www.databreachtoday.com
mathewjschwartz.bsky.social
Mathew J Schwartz @mathewjschwartz.bsky.social · 5d
Clop attacks against Oracle E-Business Suite users trace to at least August, with researchers seeing signs of multiple exploit chains—one featuring a zero-day—as well as "a significant amount of data" being stolen. www.databreachtoday.com/clop-attacks...
Clop Attacks Against Oracle E-Business Suite Trace to July
Data-stealing attacks targeting Oracle E-Business Suite, for which an affiliate of Russian-speaking Clop ransomware group is claiming credit, appear to have begun
www.databreachtoday.com
1
mathewjschwartz.bsky.social
Mathew J Schwartz @mathewjschwartz.bsky.social · 5d
AI security goes mainstream as vendors spend heavily on M&A
www.databreachtoday.com/blogs/ai-sec...
AI Security Goes Mainstream as Vendors Spend Heavily on M&A
As autonomous AI grows, so does the security risk. Prompt injection, identity control and AI observability are at the center of a dozen recent acquisitions, as vendors including Cisco, CrowdStrike,…
www.databreachtoday.com
mathewjschwartz.bsky.social
Mathew J Schwartz @mathewjschwartz.bsky.social · 5d
How China spies: A Chinese civilian intelligence agency is at the center of a network of semi-autonomous organizations that power the elaborate and ever more sophisticated world of Beijing cyberespionage. www.databreachtoday.com/researchers-...
Researchers Out Front Companies for Chinese Intelligence
Beware previously undocumented front companies for China's main intelligence service that appear to be tasked with gathering and developing steganography, digital
www.databreachtoday.com
1 2
mathewjschwartz.bsky.social
Mathew J Schwartz @mathewjschwartz.bsky.social · 6d
Underage spies: Arrests underscore fears of teen cyberespionage recruitment
www.databreachtoday.com/arrests-unde...
Arrests Underscore Fears of Teen Cyberespionage Recruitment
The late September arrest of two teenagers in the Netherlands on suspicion of capturing Wi-Fi signals for pro-Russian hackers has sparked warnings from security
www.databreachtoday.com
mathewjschwartz.bsky.social
Mathew J Schwartz @mathewjschwartz.bsky.social · 6d
Germany under pressure to oppose EU chat control proposal, as Signal and rights groups urge Berlin to reject CSAM proposal ahead of key EU vote
www.databreachtoday.com/germany-unde...
Germany Under Pressure to Oppose EU Chat Control Proposal
The German federal government is under pressure to withdraw support for a European Union content scanning proposal that critics argue poses large-scale privacy
www.databreachtoday.com
mathewjschwartz.bsky.social
Mathew J Schwartz @mathewjschwartz.bsky.social · 7d
Oracle E-Business Suite users under fire: Oracle patches zero-day, as experts warn users to update EBS and also review their systems for signs of compromise. www.databreachtoday.com/oracle-zero-...
Oracle Zero-Day and More Being Exploited by Ransomware Group
Oracle patched a zero-day vulnerability in Oracle E-Business Suite and urged customers to immediately install the fix. The flaw has been exploited since August by
www.databreachtoday.com
mathewjschwartz.bsky.social
Mathew J Schwartz @mathewjschwartz.bsky.social · 7d
Medusa ransomware affiliates tied to zero-day attacks against Fortra GoAnywhere MFT software as experts urge all customers to ensure they're running the latest, fully patched version. www.databreachtoday.com/medusa-ranso...
Medusa Ransomware Affiliates Tied to Fortra GoAnywhere Hacks
Affiliates of Russian-speaking ransomware operation Medusa began targeting a zero-day vulnerability in widely used Fortra GoAnywhere Managed File Transfer software
www.databreachtoday.com
1
mathewjschwartz.bsky.social
Mathew J Schwartz @mathewjschwartz.bsky.social · 7d
Why Veeam is eyeing $1.8 billion buy of AI security firm Securiti
www.databreachtoday.com/blogs/veeam-...
Why Veeam Is Eyeing a $1.8B Buy of AI Security Firm Securiti
Bloomberg reported that data protection and ransomware recovery giant Veeam is in advanced talks to buy DSPM and AI security vendor Securiti for $1.8 billion, with an announcement coming as soon as this...
www.databreachtoday.com
1
mathewjschwartz.bsky.social
Mathew J Schwartz @mathewjschwartz.bsky.social · 8d
British car maker Jaguar Land Rover has begun a phased restoration of operations following a month of cyberattack-induced idleness.
www.databreachtoday.com/jaguar-land-...
Jaguar Land Rover Slowly Starts Making Cars Again
British car maker Jaguar Land Rover began on Monday a phased restoration of operations following a month of cyberattack-induced idleness. Fears of large-scale job
www.databreachtoday.com
1 1
mathewjschwartz.bsky.social
Mathew J Schwartz @mathewjschwartz.bsky.social · 11d
Weekly Cryptohack Roundup
—White House pulls nomination for Quintenz to lead Commodity Futures Trading Commission
—Canada fines KuCoin $14M for AML violations
—Texas brothers charged in $8M kidnapping case
—Ex-LASD deputy admits business extortion scam
www.databreachtoday.com/cryptohack-r...
Cryptohack Roundup: White House Pulls CFTC Chair Nom
This week, Brian Quintenz won't lead the U.S. CFTC, Canada fined KuCoin $14M, Texas brothers charged in an $8M kidnapping case, South Korean actor given suspended
www.databreachtoday.com
1 2
mathewjschwartz.bsky.social
Mathew J Schwartz @mathewjschwartz.bsky.social · 11d
Red Hat confirms consulting arm's GitLab instance breached and data stolen. The breach involves information pertaining to up to 28,000 customers, including banks and US government agencies. www.databreachtoday.com/red-hat-conf...
Red Hat Confirms Consulting Arm's GitLab Instance Breached
Commercial Linux distribution producer Red Hat has issued a security alert warning that attackers stole customer data from its consulting arm's GitLab instance. The
www.databreachtoday.com