December 4, 2023 at 08:12AM New Relic reported a security breach in which hackers accessed their internal environment through social engineering and using credentials stolen from an employee account. Meeting Key Takeaway: – It has been reported that New Relic experienced a security breach in which hackers accessed an internal environment. This incident was a … Read more
December 3, 2023 at 11:36PM New Relic disclosed a two-pronged cyber attack that compromised their staging systems using stolen credentials and affected a small number of customer accounts. They’ve rotated passwords, removed API keys, and updated security measures. Ongoing investigations with external experts aim to enhance their security posture. Meeting Takeaways: 1. Incident Details: New … Read more
November 30, 2023 at 05:27PM Cyberattackers are increasingly exploiting law firms and corporate legal departments with financial attacks such as ransomware and BEC. Incidents like CTS’s breach, LockBit’s ransom demand to Allen & Overy, and the rise in security breaches highlight the threat. Law firms, often handling sensitive information, are vulnerable due to limited cybersecurity … Read more
November 30, 2023 at 01:33PM Vitalii Chychasov was sentenced to eight years in prison and ordered to forfeit $5 million for operating an online marketplace that sold the personal data of 24 million Americans. Captured in Hungary in March 2022, he was extradited to the U.S., where his SSNDOB Marketplace had been active since 2013, … Read more
November 29, 2023 at 01:20PM Since April 2022, Black Basta, a Russia-linked ransomware gang, has obtained over $100 million from double extortion attacks on over 329 entities worldwide. Around 35% of its 90+ victims have paid ransoms, including multi-million dollar settlements. The group may originate from the disbanded Conti gang or have FIN7 ties. **Meeting … Read more
November 29, 2023 at 07:38AM The Rhysida ransomware group has released data purportedly stolen from the British Library, totaling 573GB. The library confirmed the breach, urging password changes. Services are disrupted, with recovery expected to take months. Rhysida initially auctioned the data for 20 Bitcoin, and experts stress the seriousness of such cyberattacks and their … Read more
November 29, 2023 at 01:06AM A new ransomware called Xaro, derived from the DJVU/STOP strain, has been spreading through disguised cracked software. It encrypts files and steals information, demanding $980 in ransom. The malware also installs additional payloads like stealer and loader programs, aiming for double extortion and increased attack success rates. Cybersecurity experts warn … Read more
November 28, 2023 at 12:15PM DP World Australia, a major logistics company, has confirmed that data was stolen during a recent cyber attack on its systems. The attack disrupted operations at five Australian ports, leaving over 30,000 containers stranded. Although no ransomware was used, DP World confirmed that some files were accessed and a small … Read more
November 28, 2023 at 11:16AM Hackers are actively exploiting a critical vulnerability in the ownCloud file synchronization software that could lead to data breaches. The flaw, tracked as CVE-2023-49103, allows attackers to access sensitive information such as admin passwords, mail server credentials, and license keys. The vulnerability affects both containerized and non-containerized deployments, and administrators … Read more
November 28, 2023 at 08:06AM A design flaw in Google Workspace’s domain-wide delegation (DWD) feature poses a serious security risk, allowing threat actors to gain unauthorized access to Workspace APIs. The flaw, called DeleFriend, can be exploited by manipulating existing delegations in Google Cloud Platform and Workspace. It enables theft of emails, data exfiltration, and … Read more