Indian Hack-for-Hire Group Targeted U.S., China, and More for Over 10 Years

November 20, 2023 at 02:00AM Appin Software Security, an Indian hack-for-hire group, has been conducting espionage, surveillance, and disruptive operations targeting various countries for over a decade. The group, initially an educational startup, has been involved in covert hacking operations since at least 2009. They have targeted high-value individuals, governmental organizations, and businesses involved in …

The Week in Ransomware – November 17th 2023 – Citrix in the Crosshairs

November 17, 2023 at 06:29PM Ransomware gangs are targeting vulnerable Citrix Netscaler devices using a publicly available exploit to breach large organizations, steal data, and encrypt files. The threat actors exploit the Citrix Bleed vulnerability (CVE-2023-4966). Many recent victims, including Toyota Financial Services, ICBC, DP World, Allen & Overy, and Boeing, were found to have …

Shadowy Hack-for-Hire Group Behind Sprawling Web of Global Cyberattacks

November 17, 2023 at 02:23PM An investigation by a security vendor has confirmed previous reports linking an Indian hack-for-hire group, called Appin, to cyber espionage and surveillance activities. The group, which no longer exists under its original name, targeted businesses, executives, politicians, and government officials around the world. The investigation found evidence of data theft, …

U.S. Cybersecurity Agencies Warn of Scattered Spider’s Gen Z Cybercrime Ecosystem

November 17, 2023 at 02:54AM U.S. cybersecurity and intelligence agencies have issued a joint advisory about a cybercriminal group called Scattered Spider, known for using sophisticated phishing tactics. The group engages in data theft for extortion and has recently used BlackCat/ALPHV ransomware. Scattered Spider relies on social engineering techniques and has connections to the Gen …

Ransomware Group Files SEC Complaint Over Victim’s Failure to Disclose Data Breach

November 16, 2023 at 07:33AM The ransomware group Alphv and BlackCat has allegedly breached the systems of MeridianLink, a California-based company, and claims to have stolen customer data and operational information. They have filed a complaint with the US Securities and Exchange Commission (SEC) accusing MeridianLink of failing to disclose the breach within the required …

Australian Ports Resume Operation After Crippling Cyber Disruption

November 13, 2023 at 04:35PM Four major ports in Australia, operated by DP World, experienced a cyber attack that caused disruptions over the weekend. The company is responsible for 40% of freight in and out of the country. The exact nature of the attack is still unknown, but some experts speculate it may involve ransomware. …

Microsoft: SysAid zero-day flaw exploited in Clop ransomware attacks

November 9, 2023 at 09:33AM Threat actors are exploiting a zero-day vulnerability in SysAid software to gain unauthorized access to corporate servers for data theft and ransomware deployment. The vulnerability, currently known as CVE-2023-47246, was used by a threat actor group called Lace Tempest to deploy Clop ransomware. SysAid has developed a patch and urges …

FBI Highlights Emerging Initial Access Methods Used by Ransomware Groups 

November 8, 2023 at 06:39AM The FBI has warned about ransomware operators using third-party vendors and services to gain initial access to victim environments. Threat actors exploit vulnerabilities in vendor-controlled remote access and legitimate system management tools to elevate permissions in victim networks. The FBI urges organizations to take measures such as creating backups, reviewing …

Okta Hack Blamed on Employee Using Personal Google Account on Company Laptop

November 4, 2023 at 12:30PM Okta attributes the recent hack of its support system to an employee who logged into a personal Google account on a company-managed laptop. The breach resulted in the theft of data from multiple Okta customers. The employee’s personal Google account credentials, including session tokens, were compromised, allowing the threat actor …

Finance orgs have 30 days to confess cyber sins under incoming FTC rules

October 31, 2023 at 12:22PM New US law enforcement regulations allow for the delay of public disclosure of security breaches if a written request for an extension is granted. The amendment applies to breaches involving the theft of unencrypted data belonging to at least 500 consumers. The FTC estimates that the amendment will affect approximately …