InfoSecBulletin Cybersecurity for mankind
BlackCat hacks Motel One Group and steals 24.5 million files of data. Someone on the dark web claims to have FBI credentials, but it’s unclear if they’re real. Medusa targets two companies and demands large ransoms. Here are the top 5 news highlights from the past day.
* Motel One Group was attacked by BlackCat ransomware. They stole 6 TB of data, which included 150 customer credit card records. The attackers claim to have taken 24.5 million files.
Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora
Australia enacts mandatory ransomware payment reporting
Why Govt Demands Foreign CCTV Firms to Submit Source Code?
CVE-2023-39780
Botnet hacks thousands of ASUS routers
Bangladesh Bank instructed using AI to prevent online gambling
251 Amazon-Hosted IPs Used in Exploit Scan for ColdFusion, Struts, and Elasticsearch
Zero-Trust Policy bypass to Exploit Vulns & Manipulate NHI Secrets
Evaly E-commerce Platform Allegedly Hacked
Exploitable Vulns in Canon Printers Allow Gaining Admin Privileges
184 Million Leaked Credentials Discovered in Open Database
* SeigedSec is reportedly selling the FBI’s Law Enforcement Enterprise Portal (LEEP) account credentials. It’s unknown how many credentials are being sold or if they are real.
* The LockBit ransomware group attacked Fauquier County Public Schools in Virginia and demanded ransom payment by October 19.
* The FBI has warned the energy industry that Chinese and Russian attackers are expected to target critical energy infrastructure more frequently because of changes in global energy supply.
* Netscout reported a significant increase in DDoS attacks in the first half of 2023. There were around 7.9 million attacks, representing a 31% surge compared to the previous year. They also noticed a resurgence in DNS water-torture attacks, with a rise of 353%.
