Goldman Sachs Now Ensnared in Epstein Emails

 

". . .Ruemmler, who served as Obama’s White House general counsel and as a federal prosecutor, exchanged emails with Epstein while she was a partner with the law firm Latham & Watkins, where she was global chair of the white-collar defense and investigations practice.

The Journal in 2023 reported that Ruemmler “had dozens of meetings with Epstein in the years after her White House service and before she became a top lawyer at Goldman Sachs ... in 2020.”

“He also planned for her to join a 2015 trip to Paris and a 2017 visit to Epstein’s private island in the Caribbean,” the Journal reported then. The newspaper, citing a Goldman Sachs spokesman, reported that Epstein introduced her to potential legal clients, including Bill Gates, the founder of Microsoft.

Goldman has previously said that Ruemmler had a professional relationship with Epstein connected to her role at Latham, but Latham also has said he was not a client of that firm.

Her missives with Epstein, which the House Oversight Committee released on Wednesday, were exchanged years after Epstein pleaded guilty in 2008 in a Florida state court to prostitution charges involving an underage girl.

Epstein served 13 months in jail in that case and had to register as a sex offender.

“Trump is living proof of the adage that it is better to be lucky than smart,” Ruemmler wrote Epstein on Aug. 26, 2015, according to the email thread received by House Oversight from Epstein’s estate pursuant to a subpoena.

Epstein, who previously had been a long-time friend of Trump’s, replied, “ill give you details when I see you. when are you in ny?”

Ruemmler replied by saying she was going to New York two days later, and was considering driving there.

“I will stop to pee and get gas at a rest stop on the New Jersey turnpike, will observe all of the people there who are at least 100 pounds overweight, will have a mild panic attack as a result of the observation, and will then decide that I am not eating another bite of food for the rest of my life out of fear that I will end up like one of these people,” Ruemmler wrote.

Months later, in January 2016, Epstein emailed Ruemmler, saying, “I stopped talking to [Bill] Clinton when he swore, with whole hearted conviction to me, that he had done something. , he had forgotten that he also swore the exact opposite to me only weeks before.”

On July 14, 2016, Epstein writes Ruemmler: “pretty black dress. you and ruth ginsburg.”

Ruemmler replied less than 20 minutes later: “I like that dress ... narciso Rodriguez. Where did you see that picture? RBG [the late Supreme Court Justice Ruth Bader Ginsburg] was my date to state dinner.”

Kathryn Ruemmler is Chief Legal Officer and General Counsel at Goldman Sachs. In addition to serving on the firm’s Management Committee, Ms. Ruemmler is the Chair of the Firmwide Conduct Committee, Co-Vice Chair of the Firmwide Reputational Risk Committee, and a member of the Firmwide Enterprise Risk Committee.

Epstein's mysterious falling out with Clinton is revealed in emails to Obama lawyer inviting her to his infamous NYC townhouse | Daily Mail Online

Business Insider

Top Goldman Sachs lawyer asked Jeffrey Epstein for career advice, bashed Trump, private emails show

4 hours ago

CNBC

Goldman Sachs stands by top lawyer Kathy Ruemmler after her emails with Jeffrey Epstein exposed

5 hours ago

New York Post

Epstein emails with ex-Obama lawyer claim he stopped talking to Bill Clinton for mysterious reason

1 day ago

X

🚨🇺🇸 EPSTEIN'S BRUTAL REASON FOR DITCHING CLINTON: "HE'S A LIAR" Jeffrey Epstein stopped talking to Bill Clinton because he caught him lying about the same issue twice, according to explosive House Oversight Committee emails released Wednes

1 day ago

primetimer.com

Who is Kathryn Ruemmler? Epstein emails with Obama’s former counsellor claim disgraced financier severed ties with Bill Clinton

18 hours ago

 

 

CBS News

2 hours ago

Inside Jeffrey Epstein's inner circle, emails and texts show Trump was a regular topic

DATA BREACH WaPo

Washington Post data breach impacts nearly 10K employees, contractors

By
Bill Toulas
November 13, 2025 11:00 AM

The Washington Post is notifying nearly 10,000 employees and contractors that some of their personal and financial data has been exposed in the Oracle data theft attack.

The news organization is one of the largest daily newspapers in the U.S. with approximately 2.5 million digital subscribers.

• Between July 10 and August 22, threat actors accessed parts of its network. They leveraged a vulnerability in Oracle E-Business Suite software that was a zero-day at the time to steal sensitive data.

• In late September, the hackers tried to extort the Washington Post, along with other major companies they had breached the same way.

The hackers leveraged a then-zero-day vulnerability in Oracle E-Business Suite software that the Washington Post used internally, stole data, and then attempted to extort the firm in late September.

 

Oracle E-Business Suite is a widely used enterprise resource planning (ERP) platform with HR, finance, and supply chain functions that large organizations use internally.

According to the Washington Post's notification to impacted individuals, Oracle disclosed the security vulnerability while the news organization was investigating the breach incident.

“On September 29, 2025, the Post was contacted by a bad actor who claimed to have gained access to its Oracle E-Business Suite applications,” describes the letter.
 
“In response, the Post launched a thorough investigation of its Oracle application environment with the assistance of experts to determine if the environment had been accessed without authorization.”

“During the investigation, Oracle announced that it had identified a previously unknown and widespread vulnerability in its E-Business Suite software that permitted unauthorized actors to access many Oracle customers’ E-Business Suite applications.”

Although the attackers aren’t named in the letter, the Clop ransomware group has been linked to these attacks, exploiting a zero-day flaw that is now tracked as CVE-2025-61884.

Among the organizations that were breached using the same vulnerability in Oracle E-Business Suite are Harvard University, American Airlines subsidiary Envoy Air, and Hitachi’s GlobalLogic.

These are some of the victims who have confirmed a breach or are investigating suspicious activity in their environments. However, Clop's data leak site lists a larger number of breached organizations.

The Post’s investigation into the incident concluded on October 27 and revealed that the following types of data belonging to 9,720 employees and contractors had been compromised:

• Full names
• Bank account numbers and routing numbers
• Social Security numbers (SSNs)
• Tax and ID numbers

Impacted individuals received a 12-month free-of-charge identity protection service coverage through IDX and are recommended to consider placing a security freeze on their credit file and setting up fraud alerts on their report

In June, the Washington Post announced that the email accounts of several of its journalists had been compromised in a cyberattack conducted by foreign state actors.

While the two incidents occurred shortly after one another, there is evidence of a connection between them.

BleepingComputer has contacted The Washington Post with additional questions, and we will update this post when we receive a reply.

Secrets Security Cheat Sheet: From Sprawl to Control

Whether you're cleaning up old keys or setting guardrails for AI-generated code, this guide helps your team build securely from the start.

Get the cheat sheet and take the guesswork out of secrets management.

Related Articles:

Harvard investigating breach linked to Oracle zero-day exploit

GlobalLogic warns 10,000 employees of data theft after Oracle breach

American Airlines subsidiary Envoy confirms Oracle data theft attack

Clop extortion emails claim theft of Oracle E-Business Suite data

Oracle patches EBS zero-day exploited in Clop data theft attacks

CISA Urgent Warning: Patch Cisco ASA & Firepower Flaws Now! (CVE-2025-20...

 

 

Breached Company

19 hours ago

Operation Endgame Strikes Again: 1,025 Servers Dismantled in Coordinated Takedown of Rhadamanthys, VenomRAT, and Elysium

 

CISA warned U.S. federal agencies to fully patch two actively exploited vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Firepower devices.

 

 

TOP STORIES

Help Net Security

"Patched" but still exposed: US federal agencies must remediate Cisco flaws (again)

13 hours ago

BleepingComputer

CISA warns feds to fully patch actively exploited Cisco flaws

15 hours ago

The Record from Recorded Future News

Federal agencies not fully patching vulnerable Cisco devices amid ‘active exploitation,’ CISA warns

1 day ago

SecurityWeek

CISA Updates Guidance on Patching Cisco Devices Targeted in China-Linked Attacks

12 hours ago

CISA warns feds to fully patch actively exploited Cisco flaws

By Sergiu Gatlan
November 13, 2025 07:05 AM

Tracked as CVE-2025-20362 and CVE-2025-20333, these security flaws allow remote threat actors to access restricted URL endpoints without authentication and gain code execution on vulnerable Cisco firewall devices, respectively. If chained, they can enable unauthenticated attackers to gain complete control of unpatched devices remotely.

1. When it patched the two flaws in September, Cisco cautioned customers that they had been exploited as zero-days in attacks targeting 5500-X Series devices with VPN web services enabled. The company also linked these attacks to the ArcaneDoor campaign, which has exploited two other zero-day bugs (CVE-2024-20353 and CVE-2024-20359) to breach government networks since November 2023.
2. The same day, CISA issued Emergency Directive 25-03, ordering U.S. federal agencies to secure their Cisco firewall devices within 24 hours against active exploitation of CVE-2025-20362 and CVE-2025-20333.

 

Internet monitoring platform Shadowserver currently tracks over 30,000 Cisco devices vulnerable to these attacks, down from more than 45,000 when it first began tracking the two vulnerabilities in early October.

Vulnerable Cisco devices exposed online (Shadowserver)

Some federal agencies failed to fully patch flaws

​However, as the cybersecurity agency warned today, some government agencies have failed to correctly patch vulnerable devices, leaving them exposed to attacks amid ongoing attacks targeting unpatched Cisco firewalls on networks belonging to Federal Civilian Executive Branch (FCEB) agencies.

"CISA is aware of multiple organizations that believed they had applied the necessary updates but had not in fact updated to the minimum software version. CISA recommends all organizations verify the correct updates are applied," CISA said.

"In CISA's analysis of agency-reported data, CISA has identified devices marked as 'patched' in the reporting template, but which were updated to a version of the software that is still vulnerable to the threat activity outlined in the ED. CISA is tracking active exploitation of these vulnerable versions in FCEB agencies," it added.

To address this issue, CISA has released new guidance to help federal agencies secure their network against attacks chaining the CVE-2025-20362 and CVE-2025-20333 flaws.

• It also reminded that Emergency Directive 25-03 requires agencies to apply the latest patch to all ASA and Firepower devices on their networks immediately, not just Internet-exposed devices, to block incoming attacks and mitigate breach risks.

This week, CISA also ordered U.S. federal agencies to patch Samsung devices against a critical vulnerability used in zero-day attacks to deploy LandFall spyware on devices running WhatsApp and secure WatchGuard Firebox firewalls against an actively exploited remote code execution vulnerability.

The 2026 CISO Budget Benchmark

It's budget season! Over 300 CISOs and security leaders have shared how they're planning, spending, and prioritizing for the year ahead. This report compiles their insights, allowing readers to benchmark strategies, identify emerging trends, and compare their priorities as they head into 2026.

Learn how top leaders are turning investment into measurable impact.

Related Articles:

CISA orders agencies to patch Cisco flaws exploited in zero-day attacks

Cisco: Actively exploited firewall flaws now abused for DoS attacks

Nearly 50,000 Cisco firewalls vulnerable to actively exploited flaws

Cisco warns of ASA firewall zero-days exploited in attacks

CISA warns of WatchGuard firewall flaw exploited in attacks

 

 

Instagram

17 hours ago

CISA warns of WatchGuard firewall flaw exploited in attacks: CISA has ordered federal agencies to patch an actively exploited vulnerability in WatchGuard Firebox 

UNDERSTANDING THE UNIVERSE: Elon Musk Unveils AI-Generated 'Grokipedia' To Rival Wikipedia–Here's Wh...

There will be 'tears' for some with AI, Mohamed El-Erian says