February 6, 2024 at 10:11AM The ‘ResumeLooters’ threat group has compromised 65 job listing and retail sites using SQL injection and XSS attacks, stealing personal data from over two million job seekers primarily in the APAC region. They employ various tools for penetration testing, such as SQLmap and Acunetix, to exploit security weaknesses and inject … Read more
February 6, 2024 at 05:38AM A Singapore-based cybersecurity firm, Group-IB, uncovered a new threat actor, ResumeLooters, targeting employment agencies and retail companies in the Asia-Pacific region. The group aims to steal sensitive data from job search platforms, compromising over 65 websites and collecting millions of user data records. The stolen information is then sold on … Read more
January 9, 2024 at 12:38PM A critical vulnerability in Cacti’s web-based open source framework for monitoring network performance allows attackers to disclose its entire database. Exploiting this, along with a previously disclosed vulnerability, could lead to remote code execution. The severity of this issue is rated 8.8 out of 10. It’s not widespread but poses … Read more
January 8, 2024 at 06:18AM The number of CNA organizations and CVE identifiers increased in 2023. There were 28,902 published CVEs with an average of 80 new CVEs per day, and the average CVSS score was 7.12. The number of new CNAs announced increased to 84, totaling nearly 350 CNAs from 38 countries. The top … Read more
January 5, 2024 at 07:18AM Ivanti warned of a critical vulnerability in its Endpoint Manager product, CVE-2023-39336, allowing remote code execution and potential device takeover. The issue affects EPM 2022 Service Update 4 and all prior versions, with a fix available in EPM 2022 Service Update 5. Ivanti restricts details to customers, suggesting proactive patching … Read more
December 15, 2023 at 02:06PM Delta Dental of California and its affiliates are notifying 6.9 million patients of a data breach due to a vulnerability in MOVEit Transfer software. The breach resulted in unauthorized access, with stolen data including names, financial account numbers, and credit/debit card numbers. The company is offering 24 months of free … Read more
December 15, 2023 at 10:01AM Delta Dental of California has notified almost seven million patients of a data breach. The breach involved unauthorized access through MOVEit software, leading to the exposure of personal data, including names, financial account numbers, and credit/debit card details. Impacted customers are offered 24 months of free credit monitoring and identity … Read more
December 14, 2023 at 05:20PM Group-IB has detected a new threat group, “GambleForce,” engaged in SQL injection attacks on organizations in the Asia-Pacific region. This group has targeted various sectors, including gambling, government, retail, travel, and job websites, using publicly available penetration-testing tools. The threat actor’s activities have led to data breaches in multiple organizations, … Read more
December 14, 2023 at 11:18AM Group-IB reports a new hacking group, GambleForce, targeting 24 organizations in Asia-Pacific using SQL injections and CMS vulnerabilities to steal sensitive information. The group relies on open source tools and has successfully exfiltrated data from organizations in Australia, Indonesia, the Philippines, and South Korea. GambleForce’s C&C has been taken down … Read more
November 14, 2023 at 06:34PM The WordPress plugin WP Fastest Cache has an SQL injection vulnerability that could allow attackers to access the site’s database. Over 600,000 websites are still using a vulnerable version of the plugin. The vulnerability affects all versions before 1.2.2. An exploit will be released on November 27, 2023, and users … Read more