Data Breach Today

JANUARY 6, 2023

Only Those Hosted Exchange Customers at Risk, CrowdStrike Forensic Probe Concludes Hosting giant Rackspace says the recent ransomware attack resulted in Microsoft Exchange data for 27 customer organizations being accessed by attackers.

Access 157

Access Ransomware Risk IT 157

Data Breach Today

AUGUST 25, 2023

The Malware Is Based on an Unusual Development Framework Researchers spotted North Korean state hackers deploying a more compact remote access Trojan through a flaw in IT service management software in a campaign affecting European and U.S. Cisco Talos said the Lazarus Group in May started to deploy a Trojan it named QuiteRAT.

Access 236

Access IT 236

Security Affairs

APRIL 10, 2024

Group Health Cooperative of South Central Wisconsin disclosed a data breach that impacted over 500,000 individuals. The Group Health Cooperative of South Central Wisconsin (GHC-SCW) is a non-profit organization that provides health insurance and medical care services to its members in the Madison metropolitan area of Wisconsin.

Data breaches 122

Data breaches e-Discovery Ransomware Insurance 122

Security Affairs

NOVEMBER 2, 2023

Clop ransomware gang gained access to the email addresses of more than 632K US federal employees at the departments of Defense and Justice. Russian-speaking Clop ransomware group gained access to the email addresses of about 632,000 US federal employees at the departments of Defense and Justice. ” states Bloomberg.

Access 119

Access Agriculture Ransomware Data breaches 119

Data Breach Today

MARCH 19, 2022

Broker Provides Services to Conti, Diavol Ransomware Groups Researchers have uncovered a full-time initial access broker group that serves both Conti and Diavol ransomware groups.

Ransomware 256

Ransomware Access 256

Security Affairs

APRIL 15, 2024

The Ukrainian hacking group Blackjack used a destructive ICS malware dubbed Fuxnet in attacks against Russian infrastructure. The Blackjack group is believed to be affiliated with Ukrainian intelligence services that carried out other attacks against Russian targets, including an internet provider and a military infrastructure.

IoT 133

IoT Access Communications Military 133

Data Breach Today

OCTOBER 8, 2022

Phishing Incident Caused Service Disruptions and Delays Australian fruit and vegetable supplier Costa Group says it was subjected to a malicious and sophisticated phishing attack in August that resulted in unauthorized access to its servers.

Phishing 261

Phishing Access Security IT 261

Data Breach Today

JANUARY 4, 2024

Hackers Lock Up Recordings of Court Hearings to Extort Victoria's Court System The court system of Victoria said it had experienced a serious cybersecurity incident in late 2023 that gave hackers access to video recordings of proceedings at multiple courts, including the Supreme Court and the County Court. The hack took place on Dec.

Ransomware 279

Ransomware Cybersecurity Access IT 279

Krebs on Security

SEPTEMBER 30, 2023

Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the crime gang’s internal operations. According to a September 20, 2023 joint advisory from the FBI and the U.S. According to a September 20, 2023 joint advisory from the FBI and the U.S.

Ransomware 206

Ransomware Data breaches Encryption Systems administration 206

Data Breach Today

MARCH 22, 2022

Ransomware Groups Over-Hype Their Efforts to Drive More Victims to Pay, Expert Says Technology giant Microsoft and access management provider Okta are both investigating claims by the ransomware group Lapsus$ that it breached information pertaining to them or their customers.

Ransomware 245

Ransomware Access IT 245

Security Affairs

OCTOBER 20, 2021

China-linked cyberespionage group LightBasin hacked mobile telephone networks around the world and used specialized tools to access calling records. The cyberespionage group has been active since at least 2016, according to the CrowdStrike researchers it is using a very sophisticated toolset.

Access 123

Access Passwords Metadata Authentication 123

Data Breach Today

JANUARY 4, 2024

Nation-State Hackers Blamed for Severing Communications to 24 Million Citizens Ukraine's security intelligence chief said Russian hackers had been responsible for severing internet access and mobile communications from telecom operator Kyivstar in December, after compromising the firm's network months ago.

Communications 290

Communications Access Security 290

Data Breach Today

SEPTEMBER 7, 2020

Recent hacking incidents, including one targeting Twitter, are raising awareness of the importance of privileged access management, says David Boda, group head of information security for Camelot Group, operator of the U.K. National Lottery. He describes PAM best practices.

Access 240

Access Information Security Security 240

KnowBe4

MARCH 24, 2022

Google’s Threat Analysis Group (TAG) describes a cybercriminal group it calls “EXOTIC LILY” that acts as an initial access broker for numerous financially motivated threat actors, including FIN12 and the Conti ransomware gang.

Access 82

Access Phishing Ransomware IT 82

Security Affairs

FEBRUARY 18, 2024

SolarWinds addressed three critical vulnerabilities in its Access Rights Manager (ARM) solution, including two RCE bugs. SolarWinds has fixed several Remote Code Execution (RCE) vulnerabilities in its Access Rights Manager (ARM) solution. Critical 02/06/2024 02/06/2024 SolarWinds Access Rights Manager (ARM) 2023.2.3

Access 130

Access Authentication Compliance IT 130

Krebs on Security

OCTOBER 25, 2021

But sometime over the past 48 hours, the cybercriminal syndicate updated its victim shaming blog to indicate that it is now selling access to many of the organizations it has hacked. It’s also not obvious why they would advertise having hacked into companies if they plan on selling that access to extract sensitive data going forward.

Access 231

Access Ransomware Sales IT 231

Data Breach Today

MARCH 22, 2021

Prodaft: APT Group Uses 'Unprecedented Malware Detection Sandbox' Swiss cybersecurity firm Prodaft says it has accessed several servers used by an advanced persistent threat group tied to the SolarWinds supply chain attack. and the European Union, the researchers say.

Access 227

Access IT Cybersecurity 227

Security Affairs

MARCH 11, 2024

BianLian ransomware group was spotted exploiting vulnerabilities in JetBrains TeamCity software in recent attacks. Researchers from GuidePoint Security noticed, while investigating a recent attack linked to the BianLian ransomware group, that the threat actors gained initial access to the target by exploiting flaws in a TeamCity server.

Ransomware 116

Ransomware Manufacturing Access Security 116

Data Breach Today

AUGUST 1, 2021

DOJ: Russian-Linked Group Breached Office 365 Accounts in 27 Offices The Russian-linked group that targeted SolarWinds using a supply chain attack compromised at least one email account at 27 U.S. Attorneys' Offices in 15 states and Washington D.C. throughout 2020, according to an update posted by the Justice Department.

Access 313

Access 313

Data Breach Today

AUGUST 21, 2020

Kaspersky: 'Transparent Tribe' Using Trojan That Now Targets Removable Devices "Transparent Tribe," a hacking group that targets military and diplomatic organizations, has updated its Crimson remote access Trojan to enable the malware to steal data from removable devices and then use these devices to spread to other systems, according to new research (..)

Military 274

Military IT Access 274

Security Affairs

APRIL 16, 2024

The Dark Angels (Dunghill) ransomware group claims the hack of the chipmaker Nexperia and the theft of 1 TB of data from the company. The Dark Angels (Dunghill) ransomware group claims responsibility for hacking chipmaker Nexperia and stealing 1 TB of the company’s data. The chipmaker has 14,000 employees as of 2024.

Ransomware 122

Ransomware Manufacturing Insurance Cybersecurity 122

Data Breach Today

JUNE 26, 2023

Group Targeting Transportation, Construction, Government Agencies, CrowdStrike Says A Chinese state hacker is using novel tradecraft to gain initial access to victim systems, according to CrowdStrike.

Manufacturing 144

Manufacturing Education Communications Government 144

Security Affairs

APRIL 23, 2024

North Korea-linked APT groups Lazarus , Andariel , and Kimsuky hacked multiple defense companies in South Korea, reported the National Police Agency. The Police states that the attacks are carried out in the form of an all-out war that see the contribution of multiple APT groups.

Authentication 82

Authentication Passwords Cloud Cybersecurity 82

Krebs on Security

DECEMBER 3, 2021

Rarely do cybercriminal gangs that deploy ransomware gain the initial access to the target themselves. More commonly, that access is purchased from a cybercriminal broker who specializes in acquiring remote access credentials — such as usernames and passwords needed to remotely connect to the target’s network.

Access 281

Access Ransomware Sales Passwords 281

Data Breach Today

JANUARY 5, 2021

Report Dissects JSSLoader Remote Access Trojan Researchers at Morphisec Labs have published fresh details about a malware variant called JSSLoader that the FIN7 hacking group has used for several years.

Access 222

Access 222

Security Affairs

JANUARY 17, 2024

Switzerland believes that the attack claimed by pro-Russian group NoName that hit the government websites is retaliation for Zelensky’s presence at Davos. Naturally, not empty-handed, but with DDoS gifts” read a message published by the hacker group on its Telegram channel. ” reported the AFP agency. .”

Government 106

Government Access Security IT 106

Security Affairs

NOVEMBER 28, 2023

The Daixin Team group claims to have hacked the North Texas Municipal Water District (US) and threatened to leak the stolen data. The Daixin Team group added NTMWD to the list of victims on its Tor leak site. The group claims to have stolen a total of 33844 files.

Ransomware 124

Ransomware Phishing Access Risk 124

Data Breach Today

JANUARY 11, 2023

Simeio's First-Ever Acquisition Adds SailPoint, IBM Ties to Existing Saviynt Bond Simeio has added SailPoint and IBM to its identity and access management line card through the purchase of identity services provider PathMaker Group.

Government 130

Government Access IT 130

Security Affairs

NOVEMBER 22, 2023

The Idaho National Laboratory (INL) disclosed a data breach after the SiegedSec hacktivist group leaked stolen human resources data. SiegedSec hacktivists group claimed responsibility for the hack of The Idaho National Laboratory (INL) and leaked stolen human resources data. organizations, especially U.S. municipalities.

Data breaches 121

Data breaches Security Access IT 121

Security Affairs

SEPTEMBER 1, 2023

Researchers released a free decryptor for the Key Group ransomware that allows victims to recover their data without paying a ransom. Threat intelligence firm EclecticIQ released a free decryption tool for the Key Group ransomware (aka keygroup777) that allows victims to recover their data without paying a ransom.

Ransomware 117

Ransomware Encryption Access Security 117

Security Affairs

NOVEMBER 12, 2023

The Lorenz extortion group leaked the data stolen from the Texas-based Cogdell Memorial Hospital. The facility operates as a Critical Access Hospital and a Rural Health Clinic serving rural West Texas. The group claimed to have stolen 5TB of patients’ and employee’s information, backups, PII documents, and more.

Ransomware 132

Ransomware Encryption Communications IT 132

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. 22, 2020, the U.S.

Ransomware 260

Ransomware Government Security IT 260

Security Affairs

SEPTEMBER 1, 2020

Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Iran-linked APT group Pioneer Kitten, also known as Fox Kitten or Parisite, is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers.

Access 102

Access Financial Services Retail Insurance 102

Data Breach Today

JUNE 15, 2022

This new extortion technique shows an escalation by ransomware groups in their willingness to use personal data to bludgeon victims into paying extortion money.

Access 238

Access Personal data Ransomware 238

Security Affairs

OCTOBER 12, 2023

Ransomlooker monitors ransomware groups’ extortion sites and delivers consolidated feeds of their claims worldwide. Cybernews presented Ransomlooker , a tool to monitor ransomware groups’ extortion sites and delivers consolidated feeds of their claims worldwide.

Ransomware 136

Ransomware Personal data Access Cybersecurity 136

Security Affairs

DECEMBER 19, 2023

The Federal Bureau of Investigation (FBI) announced the seizure of the Tor leak site of the AlphV/Blackcat ransomware group. The FBI seized the Tor leak site of the AlphV/Blackcat ransomware group and replaced the home page with the announcement of the seizure. the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Ransomware 115

Ransomware IT Access Manufacturing 115