Neath, Wales, United Kingdom
276 followers
261 connections
About
A hands-on software architect with over 20 years of full-stack software development…
-
Had a few conversations lately with local gov folk who bemoaned the lack of active user groups for most software systems. This is a problem! What could we do about it? It seems like vendors are keen to say they have user groups, but then once the sale is made, less keen on convening them. There are real advantages in the people actually using software getting together to share insight, issues, collectivise around requests, and so on. Is there a space, I wonder, for an independent user group as a service offering? Someone to provide a safe place for online discussions, organise regular meet-ups, do a bit of the admin, and maybe engage with the vendors to get them to turn up and so on. Question is probably 'who pays?'.
-
Andrew Alston
BreachAware® • 2K followers
My conspiracy theory flared up again this week. Three 🇬🇧 UK public bodies had their data dumped—forums, dark web channels, pick your poison. No media coverage I’ve seen yet. But what got my attention wasn’t just that—they showed up alongside a cluster of newly dumped data on payment apps and forex companies, all in the same business vertical, all in the last three weeks. Like buses: nothing, then three at once. These breach clusters are rarely coincidental. They're often the result of shared infrastructure, software, or configurations across organisations within the same vertical. Once attackers identify a vulnerability—whether it's an unpatched web panel, exposed #API, or weak #MFA implementation—they replicate the method across similar targets. It’s efficient, repeatable, and hard to detect until the pattern is clear. Of course they know the best entry points—they’re working from a tested blueprint. #Infostealers remain a central tool in this trend. They no longer stop at saved credentials. Many now extract hardware IDs, personal documents, browser session cookies, and other fingerprinting data. ULPs (User Login Parsers), often bundled with these logs or as lightweight variants, include URL, username, and password entries—ready for direct use. With this level of access, attackers bypass #phishing entirely. A single log can provide entry to payroll systems, internal communications, and admin panels. Expect more buses. #protectyourprivacy #happyfriday