Only recently did Barracuda ask you to replace your hacked ESG appliances and we already have our first victim. The Australian capital suffered a security breach, owing to a vulnerability in the product. Another day, another unsecured bucket. A database containing hundreds of thousands of files belonging to Pflegia was …
Read More »
The North Korean hacker group APT38 is back in the headlines as it is targeting investment banking and venture capital firms. Coming right on the heels of connecting the MOVEit Transfer flaw exploitation to the Cl0p ransomware group, there is now an extortion note aimed at hundreds of organizations. The …
Read More »
Just a few days after the MOVEit Transfer flaw was disclosed, threat actors started abusing it. One of them being the Cl0p ransomware group that attacked Zellis, which, in turn, impacted multiple major organizations. Moving on from ransomware attacks, we come to unsecured databases and the resulting data exposure. This …
Read More »
Misconfigured systems can spill data, which can be used by threat actors to breach a company’s systems and hijack communication channels. In one instance, a misconfiguration issue in Swiss real estate agency Neho’s website exposed sensitive credentials for AWS, email services, communication tools, and review platforms to the public. This …
Read More »
It is no secret that medical records are a valuable asset for cybercriminals. Unfortunately, the threat continues to grow as a dental firm confirmed that the personal information of almost nine million people was compromised in a data breach in February. Adding to the woes of crypto investors, Jimbox Protocol …
Read More »
Threat actors are getting creative with crypto scams, leading to massive fund drainage from victims’ wallets. One such scam service ended up looting almost $6 million in crypto from over 4,500 victims. Moving on to data breaches, an Iowa hospital notified patients of a data breach that potentially compromised their …
Read More »
Ransomware actors have been running rampant targeting every sector left, right, and center. In today’s edition, a technology provider fell prey to one, locking customers out of portals and websites. In other news, the threat actor linked to the Triada trojan infected millions of phones – thanks to a preinstalled …
Read More »
Another day, another new round of supply chain attacks launched via malicious Python packages. Researchers observed over 30 new malicious PyPI packages, some of which were designed to credit card details, crypto wallet information, and login credentials. Moving on, a concerning development in BEC attacks has emerged; scammers are adopting a …
Read More »
A data breach here, a data breach there, data breaches everywhere. Today, we report to you a collection of data breaches across multiple sectors. The first breach involves a cloud-based education platform, which impacted millions. We also have a new Black Basta ransomware attack on a Swiss MNC. Circling back …
Read More »
Art and entertainment venues have lately become quite a lucrative target for threat actors aiming to get their hands on customer information. After The Met, the latest victim in the list includes the National Gallery of Canada, which partially lost some operational data in a ransomware attack. A two-year-long analytical …
Read More »
InfoSecBulletin Cybersecurity for mankind
