InfoSecBulletin Cybersecurity for mankind
Black Basta ransomware claimed a new victim – Yellow Pages Canada. The threat actor ended up leaking a sample archive containing sensitive details. Speaking of ransomware, a Dutch cable TV provider fell prey to one. The attack was quite disruptive, taking offline every service. In a completely new attack tactic, threat actors are abusing Kubernetes RBAC to run miners. Read along to know everything that transpired over the weekend.
01
Yellow Pages Canada disclosed a cyberattack after the Black Basta ransomware group claimed responsibility and leaked the ID documents, tax documents, sales and purchase agreements, and other sensitive information on its leak site.
02
Dutch cable TV provider SKPNET suffered a ransomware attack that caused an outage of all services, including internet and television, phones, and SKPNET email, among others.
03
The American Bar Association (ABA) recently informed around 1.5 million lawyers and others of a data breach that affected their login information. The intrusion occurred in March.
04
Eurocontrol has been under attack by the pro-Russian threat group Killnet since April 19, causing interruptions to the website, web availability, and communication systems.
05
A new report by Symantec revealed that apart from 3CX, the X_Trader software supply chain attack also impacted two critical infrastructure organizations in the energy sector, in the U.S. and Europe, along with two other financial institutions.
06
Aqua researchers spotted a massive cryptomining campaign, dubbed RBAC Buster, that has been exploiting Kubernetes Role-Based Access Control (RBAC) to create backdoors and run miners.
07
Tank storage firm Vopak fell victim to a ransomware attack, in which the cybercriminals stole information on the company’s tank infrastructure and systems.
08
Research by Secureworks revealed that the Bumblebee malware is being propagated via a new campaign using Google Ads and SEO poisoning promoting trojanized versions of popular apps.
09
Code security solutions provider Semgrep bagged $53 million in Series C funding led by Lightspeed Venture Partners, with participation from previous investors.
10
Anti-ransomware platform Halcyon raised $50 million in a Series A round led by SYN Ventures, with participation from Dell Technologies Capital and Corner Capital.
