A breach here, a breach there, and a whole lot of disruptions to the victim. In one such incident, Bitmarck had to shut down its systems and now is unsure of when they will be fully up and running. Talking of breaches, T-Mobile suffered another breach; this time affecting over 800 customers. The BlackCat ransomware gang claimed another victim – an Australian law firm. Here are the top 10 highlights from the past 24 hours.
01
Bitmarck, a German IT services provider, was forced to shut down its internal and customer systems—in some cases, entire data centers—owing to a cyberattack.
02
T-Mobile disclosed the second breach of the year after finding that attackers had access to the personal information of 836 customers for over a month, since February.
03
The Royal Ransomware gang claimed to have hacked into Edison Learning, a virtual learning provider. It also claimed to have stolen 20 GB of company data, including the personal information of students and employees.
04
The National Smallbore Rifle Association (NSRA) has warned its members of possible follow-on fraud and cybercrime after a breach of its IT systems.
05
The Australian commercial law firm HWL Ebsworth fell victim to a BlackCat ransomware attack. The group claimed to have stolen 4 TB of company data, including financial reports, accounting data, and others.
06
The North Korean threat group ScarCruft was spotted leveraging oversized LNK files as a propagation method for RokRAT malware, initiated via multi-stage infection chains.
07
Lookout spotted a new Android spyware, dubbed BouldSpy, used by the Iranian government to spy on more than 300 individuals from minority groups, including Iranian Kurds, Baluchis, Azeris, and Armenian Christian groups.
08
Trend Micro stumbled over a new campaign by Earth Longzhi, exploiting public-facing applications, IIS and Microsoft Exchange servers, to install Behinder, a powerful web shell variant.
09
The 0VIX DeFi protocol lost $1.45 million in a hack, where attackers exploited the flash loan feature to transfer stolen tokens to Stargate Finance on the Ethereum main net, and exchanged them for ETH.
10
FortiGuard Labs warned of attackers exploiting a five-year-old authentication bypass vulnerability in TBK DVR devices, with over 600,000 cameras and 50,000 recorders installed globally, providing a significant threat to camera video feeds.