|
|
|
|
|
|
by sheept
34 days ago
|
|
|
This blog post[0] suggests that, based on their changelog after the incident, the hackers may have extracted session tokens using XSS in a support ticket. Then the ransom note was displayed using a custom theme. [0]: https://cyber.acmucsd.com/canvas (disclosure: I was involved with this org when I was a student) |
|
|