InfoSecBulletin Cybersecurity for mankind
Brain Cipher, a ransomware group that emerged in June 2024, claims to have stolen 1TB of data from Deloitte UK, but this has not been verified.
Deloitte, a top professional services firm, is the newest victim listed on Brain Cipher’s dark web site. Hackers claim to have stolen over 1TB of data and have given Deloitte until December 15, 2024, to respond—less than 11 days away.
Micropatches released for Windows zero-day leaking NTLM hashes
VMware Patches Authentication Bypass Flaw in Windows Tool
IngressNightmare
Over 40% of cloud environments are vulnerable to RCE
(CVE-2025-29927)
Urgently Patch Your Next.js for Authorization Bypass
Oracle refutes breach after hacker claims 6 million data theft
Russian zero-day seller to offer up to $4 million for Telegram exploits
Cybercriminals Exploit Checkpoint’s Driver in a BYOVD Attack
IBM and Veeam Release Patches in AIX System and Backup
WhatsApp patched zero-click flaw exploited in spyware attacks
CVE-2025-24472
CISA Warns of Fortinet FortiOS Auth Bypass Vuln Exploited in Wild
“Soon we will tell you about this incident.
“We will provide an example of data that has leaked.
“The volume of compressed data [is] more than 1tb.”
Brain cipher Group said, “We will show excellent(not) monitoring work, and tell what tools we used, and use there today.”
According to WatchGuard, the group uses a slightly modified version of the LockBit 3.0 builder for its encryption tool.
Deloitte has not published any statement publicly.
Deloitte experienced another cyber incident recently, IntelBroker to claim to have leaked internal communications.
IntelBroker, the leader of the CyberN—–s ransomware gang, claims to have obtained email addresses, internal communications, and other internal company settings.
Deloitte accidentally exposed an Apache Solr server to the internet, leading to the breach, reported cyberdaily.au.
The group uses various extortion tactics to pressure victims and operates a TOR-based site to publish breaches and stolen data.
Brain Cipher ransomware attacks various critical sectors like healthcare, education, and manufacturing, as well as government and law enforcement. A notable incident was the attack on Indonesia’s National Data Center, which disrupted public services including immigration and student registration.
Source: Cyberdaily, cybersecuritynews
(Media Disclaimer: This report is based on research conducted internally and externally using different ways. The information provided is for reference only, and users are responsible for relying on it. Infosecbulletin is not liable for the accuracy or consequences of using this information by any means)
