Ransomware is big business. How big, you ask? Well, just one notorious group appears to have extorted nearly a nine-figure sum. The group we are talking about is LockBit and a joint advisory by international cybersecurity agencies revealed some alarming statistics about it. A new campaign is underway wherein threat …
Read More »
We have three more victims of the MOVEit vulnerability – government departments in two U.S. states and a U.K regulator. All leading to the compromise of sensitive data. Earlier this year, healthcare vendor Intellihartx had fallen victim to the GoAnywhere zero-day attack. It concluded the investigation, revealing hundreds of thousands …
Read More »
Only recently did Barracuda ask you to replace your hacked ESG appliances and we already have our first victim. The Australian capital suffered a security breach, owing to a vulnerability in the product. Another day, another unsecured bucket. A database containing hundreds of thousands of files belonging to Pflegia was …
Read More »
The North Korean hacker group APT38 is back in the headlines as it is targeting investment banking and venture capital firms. Coming right on the heels of connecting the MOVEit Transfer flaw exploitation to the Cl0p ransomware group, there is now an extortion note aimed at hundreds of organizations. The …
Read More »
Just a few days after the MOVEit Transfer flaw was disclosed, threat actors started abusing it. One of them being the Cl0p ransomware group that attacked Zellis, which, in turn, impacted multiple major organizations. Moving on from ransomware attacks, we come to unsecured databases and the resulting data exposure. This …
Read More »
Misconfigured systems can spill data, which can be used by threat actors to breach a company’s systems and hijack communication channels. In one instance, a misconfiguration issue in Swiss real estate agency Neho’s website exposed sensitive credentials for AWS, email services, communication tools, and review platforms to the public. This …
Read More »
It is no secret that medical records are a valuable asset for cybercriminals. Unfortunately, the threat continues to grow as a dental firm confirmed that the personal information of almost nine million people was compromised in a data breach in February. Adding to the woes of crypto investors, Jimbox Protocol …
Read More »
Threat actors are getting creative with crypto scams, leading to massive fund drainage from victims’ wallets. One such scam service ended up looting almost $6 million in crypto from over 4,500 victims. Moving on to data breaches, an Iowa hospital notified patients of a data breach that potentially compromised their …
Read More »
Ransomware actors have been running rampant targeting every sector left, right, and center. In today’s edition, a technology provider fell prey to one, locking customers out of portals and websites. In other news, the threat actor linked to the Triada trojan infected millions of phones – thanks to a preinstalled …
Read More »
Another day, another new round of supply chain attacks launched via malicious Python packages. Researchers observed over 30 new malicious PyPI packages, some of which were designed to credit card details, crypto wallet information, and login credentials. Moving on, a concerning development in BEC attacks has emerged; scammers are adopting a …
Read More »
InfoSecBulletin Cybersecurity for mankind