Security

Mandiant Says Hackers Stole a 'Significant Volume of Data' From Snowflake Customers (techcrunch.com)

Security researchers say they believe financially motivated cybercriminals have stolen a "significant volume of data" from hundreds of customers hosting their vast banks of data with cloud storage giant Snowflake. TechCrunch: Incident response firm Mandiant, which is working with Snowflake to investigate the recent spate of data thefts, said in a blog post Monday that the two firms have notified around 165 customers that their data may have been stolen. It's the first time that the number of affected Snowflake customers has been disclosed since the account hacks began in April. Snowflake has said little to date about the attacks, only that a "limited number" of its customers are affected. The cloud data giant has more than 9,800 corporate customers, like healthcare organizations, retail giants and some of the world's largest tech companies, which use Snowflake for data analytics.
AI

Teams of Coordinated GPT-4 Bots Can Exploit Zero-Day Vulnerabilities, Researchers Warn (newatlas.com)

New Atlas reports on a research team that successfully used GPT-4 to exploit 87% of newly-discovered security flaws for which a fix hadn't yet been released. This week the same team got even better results from a team of autonomous, self-propagating Large Language Model agents using a Hierarchical Planning with Task-Specific Agents (HPTSA) method: Instead of assigning a single LLM agent trying to solve many complex tasks, HPTSA uses a "planning agent" that oversees the entire process and launches multiple "subagents," that are task-specific... When benchmarked against 15 real-world web-focused vulnerabilities, HPTSA has shown to be 550% more efficient than a single LLM in exploiting vulnerabilities and was able to hack 8 of 15 zero-day vulnerabilities. The solo LLM effort was able to hack only 3 of the 15 vulnerabilities.
"Our findings suggest that cybersecurity, on both the offensive and defensive side, will increase in pace," the researchers conclude. "Now, black-hat actors can use AI agents to hack websites. On the other hand, penetration testers can use AI agents to aid in more frequent penetration testing. It is unclear whether AI agents will aid cybersecurity offense or defense more and we hope that future work addresses this question.

"Beyond the immediate impact of our work, we hope that our work inspires frontier LLM providers to think carefully about their deployments."

Thanks to long-time Slashdot reader schwit1 for sharing the article.
Encryption

Researcher Finds Side-Channel Vulnerability in Post-Quantum Key Encapsulation Mechanism (thecyberexpress.com)

Slashdot reader storagedude shared this report from The Cyber Express: A security researcher discovered an exploitable timing leak in the Kyber key encapsulation mechanism (KEM) that's in the process of being adopted by NIST as a post-quantum cryptographic standard. Antoon Purnal of PQShield detailed his findings in a blog post and on social media, and noted that the problem has been fixed with the help of the Kyber team. The issue was found in the reference implementation of the Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) that's in the process of being adopted as a NIST post-quantum key encapsulation standard. "A key part of implementation security is resistance against side-channel attacks, which exploit the physical side-effects of cryptographic computations to infer sensitive information," Purnal wrote.

To secure against side-channel attacks, cryptographic algorithms must be implemented in a way so that "no attacker-observable effect of their execution depends on the secrets they process," he wrote. In the ML-KEM reference implementation, "we're concerned with a particular side channel that's observable in almost all cryptographic deployment scenarios: time." The vulnerability can occur when a compiler optimizes the code, in the process silently undoing "measures taken by the skilled implementer." In Purnal's analysis, the Clang compiler was found to emit a vulnerable secret-dependent branch in the poly_frommsg function of the ML-KEM reference code needed in both key encapsulation and decapsulation, corresponding to the expand_secure implementation.

While the reference implementation was patched, "It's important to note that this does not rule out the possibility that other libraries, which are based on the reference implementation but do not use the poly_frommsg function verbatim, may be vulnerable — either now or in the future," Purnal wrote.

Purnal also published a proof-of-concept demo on GitHub. "On an Intel Core i7-13700H, it takes between 5-10 minutes to leak the entire ML-KEM 512 secret key using end-to-end decapsulation timing measurements."
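The compiler hazard Purnal describes, as an added example that is not code from the Kyber reference implementation or from his post: a branch-based message expansion sits next to the masked form used in poly_frommsg, with the mask passed through an inline-assembly value barrier before use. The barrier is one widely used mitigation and is an assumption here, not necessarily the fix the Kyber team applied; KYBER_Q = 3329 and KYBER_N = 256 are the ML-KEM parameters, and the function names and the sample message are mine.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KYBER_N 256                 /* polynomial degree, all ML-KEM parameter sets */
#define KYBER_Q 3329                /* modulus, all ML-KEM parameter sets */
#define MSGBYTES (KYBER_N / 8)      /* 32-byte message being encapsulated */
#define HALF_Q ((KYBER_Q + 1) / 2)  /* 1665: the coefficient that encodes a 1 bit */

/* Branchy expansion: a 1 bit selects HALF_Q, a 0 bit selects 0.
 * This is the shape an optimizer can produce from the masked version below,
 * and it is what makes execution time depend on the secret message. */
void frommsg_branchy(int16_t coeffs[KYBER_N], const uint8_t msg[MSGBYTES]) {
    for (unsigned i = 0; i < MSGBYTES; i++)
        for (unsigned j = 0; j < 8; j++)
            coeffs[8 * i + j] = ((msg[i] >> j) & 1) ? HALF_Q : 0;
}

/* Value barrier (assumed mitigation): the empty asm claims to read and
 * modify x, so the optimizer can no longer prove that the mask is only ever
 * 0 or -1 and has no basis for rewriting the AND as a conditional branch. */
static inline int16_t value_barrier_i16(int16_t x) {
#if defined(__GNUC__) || defined(__clang__)
    __asm__ __volatile__("" : "+r"(x));
#endif
    return x;
}

/* Masked expansion in the style of the reference poly_frommsg, with the
 * barrier applied to the mask before it is used. */
void frommsg_masked(int16_t coeffs[KYBER_N], const uint8_t msg[MSGBYTES]) {
    for (unsigned i = 0; i < MSGBYTES; i++)
        for (unsigned j = 0; j < 8; j++) {
            int16_t mask = -(int16_t)((msg[i] >> j) & 1); /* 0x0000 or 0xFFFF */
            mask = value_barrier_i16(mask);
            coeffs[8 * i + j] = mask & (int16_t)HALF_Q;
        }
}

/* Coefficient produced for one bit of the first message byte (helper). */
int16_t frommsg_coeff(uint8_t byte, unsigned bit) {
    uint8_t msg[MSGBYTES] = {0};
    int16_t coeffs[KYBER_N];
    msg[0] = byte;
    frommsg_masked(coeffs, msg);
    return coeffs[bit & 7];
}

/* Functional check on a constructed message: both versions must agree
 * coefficient for coefficient. Agreement says nothing about timing; that
 * still requires looking at the emitted machine code. Returns 1 on success. */
int frommsg_versions_agree(void) {
    uint8_t msg[MSGBYTES];
    int16_t a[KYBER_N], b[KYBER_N];
    for (unsigned i = 0; i < MSGBYTES; i++)
        msg[i] = (uint8_t)(0x5A ^ (i * 37));  /* constructed sample message */
    frommsg_branchy(a, msg);
    frommsg_masked(b, msg);
    return memcmp(a, b, sizeof a) == 0;
}

int main(void) {
    printf("versions agree: %d\n", frommsg_versions_agree());
    printf("coeff for bit 0 of 0x01: %d, bit 1: %d\n",
           frommsg_coeff(0x01, 0), frommsg_coeff(0x01, 1));
    return frommsg_versions_agree() ? 0 : 1;
}
```

The practical check is the one Purnal's finding implies: build at the optimization level actually shipped and read the disassembly of the expansion loop (objdump -d is enough) for conditional jumps, because a correct result proves nothing about timing. The barrier only removes the optimizer's reason to introduce a branch; it is not a guarantee across compilers and versions, which is why the reference code still needs re-checking after a toolchain change.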
Power

Is the Uranium Fuel Proposed For Small Modular Nuclear Reactors a Weapons Risk? (reuters.com)

Reuters reports: A special uranium fuel planned for next-generation U.S. nuclear reactors poses security risks because it could be used without further enrichment as fissile material in nuclear weapons, scientists said in an article published on Thursday. The fuel, called high-assay low-enriched uranium, or HALEU, is enriched to levels of up to 20%, compared with about 5% for the fuel that powers most existing reactors.

Until recently it was made in commercial amounts only in Russia, but the United States wants to produce it to fuel a new wave of reactors... "This material is directly usable for making nuclear weapons without any further enrichment or reprocessing," said Scott Kemp, one of five authors of the peer-reviewed article in the journal Science. "In other words, the new reactors pose an unprecedented nuclear-security risk," said Kemp, a professor at the Massachusetts Institute of Technology and a former science adviser on arms control at the State Department. A bomb similar in power to the one the U.S. dropped on Hiroshima, Japan in 1945 could be made from 2,200 pounds (1,000 kg) or less of 19.75% enriched HALEU, the article said. "Designing such a weapon would not be without its challenges, but there do not appear to be any convincing reasons why it could not be done," it said.

The authors said if enrichment is limited to 10% to 12%, the supply chain would be far safer with only modest costs...

TerraPower, a company backed by Bill Gates that has received funding from the [U.S.] Energy Department, hopes to build its Natrium nuclear plant in Wyoming by 2030 to run on HALEU. TerraPower in late 2022 delayed Natrium's launch date by at least two years to 2030 due to a lack of HALEU. A TerraPower spokesperson said Natrium will use HALEU as it allows more efficient energy production and reduces nuclear waste volumes. "TerraPower has made reduction of weapons risks a foundational principle" the spokesperson said, adding that its fuel cycle eliminates the risk of proliferation.

Reuters notes that America's 2022 climate legislation "included $700 million for a HALEU availability program including purchasing the fuel to create a supply chain for planned high-tech reactors."

But the study's authors argue that if it becomes a standard reactor fuel, it could eliminate the distinction between peaceful and nonpeaceful nuclear programs — in countries around the world.

Thanks to Slashdot reader locater16 for sharing the article.
Crime

New Linux Version of Ransomware Targets VMware ESXi (bleepingcomputer.com)

"Researchers observed a new Linux variant of the TargetCompany ransomware family that targets VMware ESXi environments," reports BleepingComputer: In a report Wednesday, cybersecurity company Trend Micro says that the new Linux variant for TargetCompany ransomware makes sure that it has administrative privileges before continuing the malicious routine... Once on the target system, the payload checks if it runs in a VMware ESXi environment by executing the 'uname' command and looking for 'vmkernel.' Next, a "TargetInfo.txt" file is created and sent to the command and control (C2) server. It contains victim information such as hostname, IP address, OS details, logged-in users and privileges, unique identifiers, and details about the encrypted files and directories. The ransomware will encrypt files that have VM-related extensions (vmdk, vmem, vswp, vmx, vmsn, nvram), appending the ".locked" extension to the resulting files.

Finally, a ransom note named "HOW TO DECRYPT.txt" is dropped, containing instructions for the victim on how to pay the ransom and retrieve a valid decryption key.
"After all tasks have been completed, the shell script deletes the payload using the 'rm -f x' command so all traces that can be used in post-incident investigations are wiped from impacted machines."

Thanks to long-time Slashdot reader joshuark for sharing the article.
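A small triage helper for the indicators the report lists, added here as an example and not code from Trend Micro or BleepingComputer: it classifies file paths by the VM extension set, the ".locked" suffix, the "HOW TO DECRYPT.txt" note name and the "TargetInfo.txt" staging file, and tallies them over a constructed datastore listing. The sample paths, function names and the assumption that a directory walk feeds the tally are mine.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Indicators taken from the report: the extensions the variant encrypts,
 * the suffix it appends, the ransom note, and the file it sends to the C2. */
static const char *const VM_EXTS[] = {"vmdk", "vmem", "vswp", "vmx", "vmsn", "nvram"};
#define LOCKED_SUFFIX ".locked"
#define RANSOM_NOTE   "HOW TO DECRYPT.txt"
#define STAGING_FILE  "TargetInfo.txt"

enum indicator {
    IND_NONE = 0,
    IND_LOCKED_VM,      /* VM artefact with ".locked" appended */
    IND_LOCKED_OTHER,   /* ".locked" on a non-VM file: lower confidence, still worth a look */
    IND_RANSOM_NOTE,
    IND_STAGING_FILE
};

struct scan_summary {
    unsigned locked_vm, locked_other, ransom_notes, staging_files;
};

static int ends_with(const char *s, const char *suffix) {
    size_t ls = strlen(s), lf = strlen(suffix);
    return ls >= lf && memcmp(s + ls - lf, suffix, lf) == 0;
}

/* Classify one path by its basename. */
enum indicator classify_path(const char *path) {
    const char *base = strrchr(path, '/');
    base = base ? base + 1 : path;

    if (strcmp(base, RANSOM_NOTE) == 0)  return IND_RANSOM_NOTE;
    if (strcmp(base, STAGING_FILE) == 0) return IND_STAGING_FILE;
    if (!ends_with(base, LOCKED_SUFFIX)) return IND_NONE;

    /* Recover the original extension sitting just before ".locked". */
    size_t stem_len = strlen(base) - strlen(LOCKED_SUFFIX);
    const char *dot = NULL;
    for (size_t i = 0; i < stem_len; i++)
        if (base[i] == '.') dot = base + i;
    if (dot) {
        size_t ext_len = (size_t)((base + stem_len) - (dot + 1));
        for (size_t k = 0; k < sizeof VM_EXTS / sizeof VM_EXTS[0]; k++)
            if (strlen(VM_EXTS[k]) == ext_len && memcmp(dot + 1, VM_EXTS[k], ext_len) == 0)
                return IND_LOCKED_VM;
    }
    return IND_LOCKED_OTHER;
}

/* Tally indicators over a list of paths (e.g. the output of a datastore walk). */
struct scan_summary scan_paths(const char *const *paths, size_t n) {
    struct scan_summary s = {0, 0, 0, 0};
    for (size_t i = 0; i < n; i++) {
        switch (classify_path(paths[i])) {
        case IND_LOCKED_VM:    s.locked_vm++;     break;
        case IND_LOCKED_OTHER: s.locked_other++;  break;
        case IND_RANSOM_NOTE:  s.ransom_notes++;  break;
        case IND_STAGING_FILE: s.staging_files++; break;
        case IND_NONE:         break;
        }
    }
    return s;
}

/* Constructed sample listing standing in for a real datastore walk. */
struct scan_summary sample_summary(void) {
    static const char *const sample[] = {
        "/vmfs/volumes/datastore1/web01/web01.vmdk.locked",
        "/vmfs/volumes/datastore1/web01/web01.vmx.locked",
        "/vmfs/volumes/datastore1/web01/web01.nvram.locked",
        "/vmfs/volumes/datastore1/web01/web01.vmsd",
        "/vmfs/volumes/datastore1/web01/vmware.log",
        "/vmfs/volumes/datastore1/HOW TO DECRYPT.txt",
        "/vmfs/volumes/datastore1/notes.txt.locked",
        "/tmp/TargetInfo.txt",
    };
    return scan_paths(sample, sizeof sample / sizeof sample[0]);
}

int main(void) {
    struct scan_summary s = sample_summary();
    printf("locked VM files: %u, other locked: %u, ransom notes: %u, staging files: %u\n",
           s.locked_vm, s.locked_other, s.ransom_notes, s.staging_files);
    return 0;
}
```

Because the shell script removes the payload with rm -f afterwards, the filesystem artefacts above, the upload of TargetInfo.txt to the C2 and the uname invocation are often what remains for an investigator; the tally is meant to sit beside host and network logs, not replace them.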
Red Hat Software

Lansweeper Finds 26% of Its Users On CentOS, Facing May 1st End-of-life (theregister.com)

"Lansweeper's scans of its customers' networks found an awful lot of Linux boxes facing imminent end of life," reports the Register, "with no direct upgrade path." Belgian corporate network scanner vendor Lansweeper periodically collates some of the statistics collected by its users and publishes the results... This year's report says that while a third of its users' Linux machines run Ubuntu, second place goes to CentOS Linux [with 26.05%].

Back in 2020, Red Hat brought CentOS Linux 8's end of life forward from 2029 to the end of 2021. CentOS Linux 9 was canceled, CentOS Linux 8 is dead and gone, leaving only CentOS Linux 7. As we reported in May, CentOS 7's end of life is very close now — the end of June. After this month, no more updates.

Of course, Red Hat will be happy to help you migrate to RHEL. It offers a free tool to switch boxes' package source, but RHEL 7 hits what Red Hat terms "the end of its maintenance support 2 phase" on the same day. RHEL 7 isn't EOL, but you'll need to pay extra for "Extended Lifecycle Support (ELS)" to keep security fixes coming. Lansweeper seems confident this will happen: "Assuming most of the CentOS devices will migrate over to RHEL, we can expect RHEL to comfortably take over first place from Ubuntu soon."

RHEL was already on 20% of the machines scanned by Lansweeper (with Rocky Linux at 1.5%). But the Register argues that instead of switching to RHEL, "the freeloaders running CentOS Linux might well migrate to one of the RHELatives instead. CIQ publishes guidance on how to migrate to Rocky Linux, and will help if you buy its CIQ Bridge service. AlmaLinux has more than that with its ELevate tool to perform in-place version upgrades, as we described back in 2022.

"Or, of course, you could just reinstall with Debian, and run anything you can't immediately reprovision in a free RHEL container image."
Microsoft

Windows Won't Take Screenshots of Everything You Do After All (theverge.com)

Microsoft says it's making its new Recall feature in Windows 11 that screenshots everything you do on your PC an opt-in feature and addressing various security concerns. From a report: The software giant first unveiled the Recall feature as part of its upcoming Copilot Plus PCs last month, but since then, privacy advocates and security experts have been warning that Recall could be a "disaster" for cybersecurity without changes. Thankfully, Microsoft has listened to the complaints and is making a number of changes before Copilot Plus PCs launch on June 18th. Microsoft had originally planned to turn Recall on by default, but the company now says it will offer the ability to disable the controversial AI-powered feature during the setup process of new Copilot Plus PCs. "If you don't proactively choose to turn it on, it will be off by default," says Windows chief Pavan Davuluri.
Privacy

Bangladeshi Police Agents Accused of Selling Citizens' Personal Information on Telegram (techcrunch.com)

An anonymous reader shares a report: Two senior officials working for anti-terror police in Bangladesh allegedly collected and sold classified and personal information of citizens to criminals on Telegram, TechCrunch has learned. The data allegedly sold included national identity details of citizens, cell phone call records and other "classified secret information," according to a letter signed by a senior Bangladeshi intelligence official, seen by TechCrunch.

The letter, dated April 28, was written by Brigadier General Mohammad Baker, who serves as a director of Bangladesh's National Telecommunications Monitoring Center, or NTMC, the country's electronic eavesdropping agency. Baker confirmed the legitimacy of the letter and its contents in an interview with TechCrunch. "Departmental investigation is ongoing for both the cases," Baker said in an online chat, adding that the Bangladeshi Ministry of Home Affairs ordered the affected police organizations to take "necessary action against those officers." The letter, which was originally written in Bengali and addressed to the senior secretary of the Ministry of Home Affairs Public Security Division, alleges the two police agents accessed and passed "extremely sensitive information" of private citizens on Telegram in exchange for money.

Supercomputing

UK Imposes Mysterious Ban On Quantum Computer Exports (newscientist.com)

Longtime Slashdot reader MattSparkes shares a report from NewScientist: Quantum computing experts are baffled by the UK government's new export restrictions on the exotic devices (source paywalled), saying they make little sense. [The UK government has set limits on the capabilities of quantum computers that can be exported -- starting with those above 34 qubits, and rising as long as error rates are also higher -- and has declined to explain these limits on the grounds of national security.] The legislation applies to both existing, small quantum computers that are of no practical use and larger computers that don't actually exist, so cannot be exported. Instead, there are fears the limits will restrict sales and add bureaucracy to a new and growing sector. For more context, here's an excerpt from an article published by The Telegraph in March: The technology has been added to a list of "dual use" items that could have military uses maintained by the Export Control Joint Unit, which scrutinizes sales of sensitive goods. A national quantum computer strategy published last year described the technology as being "critically important" for defense and national security and said the UK was in a "global race" to develop it. [...] The changes have been introduced as part of a broader update to export rules agreed by Western allies including the US and major European countries. Several nations with particular expertise on quantum computer technologies have added specific curbs, including France which introduced rules at the start of this month.

Last year, industry body Quantum UK said British companies were concerned about the prospect of further export controls, and that they could even put off US companies seeking to relocate to the UK. Quantum computer exports only previously required licenses in specific cases, such as when they were likely to lead to military use. Oxford Instruments, which makes cooling systems for quantum computers, said last year that sales in China had been hit by increasing curbs. James Lindop of law firm Eversheds Sutherland said: "Semiconductor and quantum technologies -- two areas in which the UK already holds a world-leading position -- are increasingly perceived to be highly strategic and critical to UK national security. This will undoubtedly create an additional compliance burden for businesses active in the development and production of the targeted technologies."

Chrome

Google Is Working On a Recall-Like Feature For Chromebooks, Too (pcworld.com)

In an interview with PCWorld's Mark Hachman, Google's ChromeOS chief said the company is cautiously exploring a Recall-like feature for Chromebooks, dubbed "memory." Microsoft's AI-powered Recall feature for Windows 11 was unveiled at the company's Build 2024 conference last month. The feature aims to improve local searches by making them as efficient as web searches, allowing users to quickly retrieve anything they've seen on their PC. Using voice commands and contextual clues, Recall can find specific emails, documents, chat threads, and even PowerPoint slides. Given the obvious privacy and security concerns, many users have denounced the feature, describing it as "literal spyware or malware." PCWorld reports: I sat down with John Solomon, the vice president at Google responsible for ChromeOS, for a lengthy interview around what it means for Google's low-cost Google platform as the PC industry moved to AI PCs. Microsoft, of course, is launching Copilot+ PCs alongside Qualcomm's Snapdragon X Elite -- an Arm chip. And Chromebooks, of course, have a long history with Arm. But it's Recall that we eventually landed upon -- or, more precisely, how Google sidles into the same space. Recall is great in theory, but in practice may be more problematic. Recall the Project Astra demo that Google showed off at its Google I/O conference. One of the key though understated aspects of it was how Astra "remembered" where the user's glasses were.

Astra didn't appear to be an experience that could be replicated on the Chromebook. Most users aren't going to carry a Chromebook around (a device which typically lacks a rear camera) visually identifying things. Solomon respectfully disagreed. "I think there's a piece of it which is very relevant, which is this notion of having some kind of context and memory of what's been happening on the device," Solomon said. "So think of something that's like, maybe viewing your screen and then you walk away, you get distracted, you chat to someone at the watercooler and you come back. You could have some kind of rewind function, you could have some kind of recorder function that would kind of bring you back to that. So I think that there is a crossover there.

"We're actually talking to that team about where the use case could be," Solomon added of the "memory" concept. "But I think there's something there in terms of screen capture in a way that obviously doesn't feel creepy and feels like the user's in control." That sounds a lot like Recall! But Solomon was quick to point out that one of the things that has turned off users to Recall was the lack of user control: deciding when, where, and if to turn it on. "I'm not going to talk about Recall, but I think the reason that some people feel it's creepy is when it doesn't feel useful, and it doesn't feel like something they initiated or that they get a clear benefit from it," Solomon said. "If the user says like -- let's say we're having a meeting, and discussing complex topics. There's a benefit of running a recorded function if at the end of it it can be useful for creating notes and the action items. But you as a user need to put that on and decide where you want to have that."

Encryption

FBI Recovers 7,000 LockBit Keys, Urges Ransomware Victims To Reach Out (bleepingcomputer.com)

An anonymous reader quotes a report from BleepingComputer: The FBI urges past victims of LockBit ransomware attacks to come forward after revealing that it has obtained over 7,000 LockBit decryption keys that they can use to recover encrypted data for free. FBI Cyber Division Assistant Director Bryan Vorndran announced this on Wednesday at the 2024 Boston Conference on Cyber Security. "From our ongoing disruption of LockBit, we now have over 7,000 decryption keys and can help victims reclaim their data and get back online," the FBI Cyber Lead said in a keynote. "We are reaching out to known LockBit victims and encouraging anyone who suspects they were a victim to visit our Internet Crime Complaint Center at ic3.gov."

This call to action comes after law enforcement took down LockBit's infrastructure in February 2024 in an international operation dubbed "Operation Cronos." At the time, police seized 34 servers containing over 2,500 decryption keys, which helped create a free LockBit 3.0 Black Ransomware decryptor. After analyzing the seized data, the U.K.'s National Crime Agency and the U.S. Justice Department estimate the gang and its affiliates have raked in up to $1 billion in ransoms following 7,000 attacks targeting organizations worldwide between June 2022 and February 2024. However, despite law enforcement efforts to shut down its operations, LockBit is still active and has since switched to new servers and dark web domains.
After disrupting LockBit in February, the U.S. State Department said it is offering a reward of up to $15 million for information leading to the identification or location of the leaders of the ransomware group.
Iphone

Apple Commits To At Least Five Years of iPhone Security Updates (androidauthority.com)

When buying a new smartphone, it's important to consider the duration of software updates, as it impacts security and longevity. In a rare public commitment on Monday, thanks to the UK's new Product Security and Telecommunications Infrastructure (PSTI) regulations, Apple said it guarantees a minimum of five years of security updates for the iPhone 15 Pro Max. "In other words, the iPhone 15 is officially guaranteed to receive security updates until September 22, 2028," reports Android Authority. From the report: This, as VP of Engineering for Android Security & Privacy at Google Dave Kleidermacher points out, means that Apple is no longer offering the best security update policy in the industry. Both Samsung and Google guarantee seven years of not just security updates but also Android OS updates for their respective flagship devices, which is two years longer than what Apple guarantees.

To Apple's credit, though, it has long provided more than five years of security updates for its various iPhone devices. Some iPhones have received security updates six or more years after the initial release, which is far more support than the vast majority of Android devices receive. So, while Samsung and Google currently beat Apple in terms of how long they're guaranteeing software support, that doesn't mean iPhone users can't keep their phones for just as long, if not longer. They'll just need to hope Apple doesn't cut off support after the five-year minimum.

Microsoft

'Microsoft Has Lost Trust With Its Users and Windows Recall is the Straw That Broke the Camel's Back' (windowscentral.com)

In a column at Windows Central, a blog that focuses on Microsoft news, senior editor Zac Bowden discusses the backlash against Windows Recall, a new AI feature in Microsoft's Copilot+ PCs. While the feature is impressive, allowing users to search their entire Windows history, many are concerned about privacy and security. Bowden argues that Microsoft's history of questionable practices, such as ads and bloatware, has eroded user trust, making people skeptical of Recall's intentions. Additionally, the reported lack of encryption for Recall's data raises concerns about third-party access. Bowden argues that Microsoft could have averted the situation by testing the feature openly to address these issues early on and build trust with users. He adds: Users are describing the feature as literal spyware or malware, and droves of people are proclaiming they will proudly switch to Linux or Mac in the wake of it. Microsoft simply doesn't enjoy the same benefit of the doubt that other tech giants like Apple may have.

Had Apple announced a feature like Recall, there would have been much less backlash, as Apple has done a great job building loyalty and trust with its users, prioritizing polished software experiences, and positioning privacy as a high-level concern for the company.

Japan

Japan's Birth Rate Falls To a Record Low (go.com)

Japan's birth rate fell to a new low for the eighth straight year in 2023, according to Health Ministry data released on Wednesday. A government official described the situation as critical and urged authorities to do everything they can to reverse the trend. From a report: The data underscores Japan's long-standing issues of a rapidly aging and shrinking population, which has serious implications for the country's economy and national security -- especially against the backdrop of China's increasingly assertive presence in the region.

According to the latest statistics, Japan's fertility rate -- the average number of babies a woman is expected to have in her lifetime -- stood at 1.2 last year. The 727,277 babies born in Japan in 2023 were down 5.6% from the previous year, the ministry said -- the lowest since Japan started compiling the statistics in 1899. Separately, the data shows that the number of marriages fell by 6% to 474,717 last year, something authorities say is a key reason for the declining birth rate. In the predominantly traditional Japanese society, out-of-wedlock births are rare as people prize family values.

China

Scientists Find Security Risk in RISC-V Open-Source Chip Architecture That China Hopes Can Help Sidestep US Sanctions (scmp.com)

An anonymous reader shares a report: A Chinese research team says it has uncovered a significant security flaw in processor design that could have a wide impact on China's booming domestic chip industry. China was relying on the structure of the world's largest open-source CPU architecture to build their own CPUs and bypass the US chip ban, and was paying attention to any weaknesses, they said. The issue was found in RISC-V, an open-source standard used in advanced chips and semiconductors. Compared with mainstream CPU structures -- such as X86 used by Intel and AMD -- RISC-V offers free access and can be modified without restriction.

The flaw allows attackers to bypass the security protections of modern processors and operating systems without administrative rights, leading to the potential theft of protected sensitive information and breaches of personal privacy. The vulnerability was confirmed by the team of Professor Hu Wei at Northwestern Polytechnical University (NPU), a major defence research institute in Shaanxi province. The researchers are experienced in hardware design security, vulnerability detection and cryptographic application safety. It was first reported by the National Computer Network Emergency Response Technical Team/Coordination Centre of China (CNCERT) on April 24, and NPU gave further details in an official announcement on May 24.

Google

Google Acquires Cameyo (betanews.com)

Google has acquired software virtualization company Cameyo to enhance ChromeOS's support for virtualized Windows apps. The acquisition follows a partnership between the two companies last year, which aimed to provide businesses with a seamless virtual application experience on ChromeOS devices. With Cameyo's technology, Google seeks to attract more enterprises to adopt ChromeOS by offering enhanced compatibility with legacy Windows applications while maintaining the simplicity and security of the ChromeOS ecosystem.

The companies didn't reveal the financial terms of the deal.
Microsoft

Microsoft Reopens Windows 10 Beta Testing For 'New Features' and Improvements (theverge.com)

Microsoft is ending support for Windows 10 in October 2025, but the company is now taking the unusual step of reopening its beta program for Windows 10 to test new features and improvements. From a report: Windows 10 already got the AI Copilot feature that was originally exclusive to Windows 11, and it may well get other features soon. "To bring new features and more improvements to Windows 10 as needed, we need a place to do active feature development with Windows Insiders," explains Microsoft's Windows Insider team in a blog post. "So today, we are opening the Beta Channel for Windows Insiders who are currently on Windows 10."

Microsoft hasn't revealed what additional Windows 10 features it plans to test next, but Windows Insiders can opt into the beta channel to get them early. Crucially, the Windows 10 end of support date of October 14th, 2025 is still unchanged. "Joining the Beta Channel on your Windows 10 PC does not change that," says Microsoft.

Privacy

Hacker Tool Extracts All the Data Collected By Windows' New Recall AI

An anonymous reader quotes a report from Wired: When Microsoft CEO Satya Nadella revealed the new Windows AI tool that can answer questions about your web browsing and laptop use, he said one of the "magical" things about it was that the data doesn't leave your laptop; the Windows Recall system takes screenshots of your activity every five seconds and saves them on the device. But security experts say that data may not stay there for long. Two weeks ahead of Recall's launch on new Copilot+ PCs on June 18, security researchers have demonstrated how preview versions of the tool store the screenshots in an unencrypted database. The researchers say the data could easily be hoovered up by an attacker. And now, in a warning about how Recall could be abused by criminal hackers, Alex Hagenah, a cybersecurity strategist and ethical hacker, has released a demo tool that can automatically extract and display everything Recall records on a laptop.

Dubbed TotalRecall -- yes, after the 1990 sci-fi film -- the tool can pull all the information that Recall saves into its main database on a Windows laptop. "The database is unencrypted. It's all plain text," Hagenah says. Since Microsoft revealed Recall in mid-May, security researchers have repeatedly compared it to spyware or stalkerware that can track everything you do on your device. "It's a Trojan 2.0 really, built in," Hagenah says, adding that he built TotalRecall -- which he's releasing on GitHub -- in order to show what is possible and to encourage Microsoft to make changes before Recall fully launches. [...] TotalRecall, Hagenah says, can automatically work out where the Recall database is on a laptop and then make a copy of the file, parsing all the data as it does so. While Microsoft's new Copilot+ PCs aren't out yet, it's possible to use Recall by emulating a version of the devices. "It does everything automatically," he says. The system can set a date range for extracting the data -- for instance, pulling information from only one specific week or day. Pulling one day of screenshots from Recall, which stores its information in an SQLite database, took two seconds at most, Hagenah says.

Included in what the database captures are screenshots of whatever is on your desktop -- a potential gold mine for criminal hackers or domestic abusers who may physically access their victim's device. Images include captures of messages sent on encrypted messaging apps Signal and WhatsApp, and remain in the captures regardless of whether disappearing messages are turned on in the apps. There are records of websites visited and every bit of text displayed on the PC. Once TotalRecall has been deployed, it will generate a summary about the data; it is also possible to search for specific terms in the database. Hagenah says an attacker could get a huge amount of information about their target, including insights into their emails, personal conversations, and any sensitive information that's captured by Recall. Hagenah's work builds on findings from cybersecurity researcher Kevin Beaumont, who has detailed how much information Recall captures and how easy it can be to extract it.
Google

Google Contractor Used Admin Access To Leak Info From Private Nintendo YouTube Video (404media.co)

A Google contractor used admin privileges to access private information from Nintendo's YouTube account about an upcoming Yoshi game in 2017, which later made its way to Reddit before Nintendo announced the game, according to a copy of an internal Google database detailing potential privacy and security incidents obtained by 404 Media. From the report: The news provides more clarity on how exactly a Redditor, who teased news of the new Yoshi game, which was later released as Yoshi's Crafted World in 2019, originally obtained their information. A screenshot in the Reddit post shows a URL that starts with www.admin.youtube.com, which is a Google corporate login page. "Google employee deliberately leaked private Nintendo information," the entry in the database reads. The database obtained by 404 Media includes privacy and security issues that Google's own employees reported internally.
Security

Services Disrupted as London Hospitals Hit By Cyber-attack (theguardian.com)

jd writes: There aren't many details yet, but a private company used by the National Health Service in London was hit by a ransomware attack today, leading to cancelled operations and cancelled tests. The provider has been hit multiple times this year and is obviously not bothering with making any improvements in cybersecurity. There really should be legal requirements when it comes to maintaining what is de facto critical infrastructure.

From the article:

"Major NHS hospitals in London have been hit by a cyber-attack, which is seriously disrupting their services, including blood tests and transfusions. The ransomware attack is having a "major impact" on the care provided by Guy's and St Thomas' NHS trust, its chief executive has told staff in a letter. The attack is understood to affect other hospitals, including King's College hospital, and has left them unable to connect to the servers of the private firm that provides their pathology services.

Synnovis, an outsourced provider of lab services to NHS trusts across south-east London, was the target of the attack, believed to be a form of ransomware, a piece of software which locks up a computer system to extort a payment for restoring access. According to one healthcare worker, the labs were still functional, but communication with them was limited to paper only, imposing a huge bottleneck and forcing cancellation or reassignment of all but the most urgent bloodwork. Direct connections with Synnovis' servers were cut to limit the risk of the infection spreading. ...
This is the third attack in the last year to hit part of the Synlab group, a German medical services provider with subsidiaries across Europe. In June 2023, ransomware gang Clop hacked and stole data from the French branch of the company just days after it hit headlines for bringing down a payroll provider for companies including BA, Boots and the BBC. Clop published the stolen data later that summer."
