CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force

December 10, 2024 at 05:12AM
The Ukrainian Computer Emergency Response Team (CERT-UA) warns of phishing attacks targeting defense firms and military forces by the Russia-linked UAC-0185 group. The emails masquerade as official conference invitations, containing malicious links that enable remote system access and credential theft from messaging apps and military systems.

760,000 Employee Records From Several Major Firms Leaked Online

December 3, 2024 at 07:42AM
Data of over 760,000 employees from major companies, including Bank of America and Nokia, was leaked online, linked to last year’s MOVEit hack by the Cl0p ransomware group. The information includes personal and job-related details, posing a risk for social engineering attacks, as analyzed by Atlas Privacy.

Cyberattack at French hospital exposes health data of 750,000 patients

November 20, 2024 at 09:24PM
A data breach at a French hospital compromised medical records of 750,000 patients, linked to a hacker known as ‘nears’. The threat actor claims access to over 1.5 million patient records and is selling access to multiple hospitals’ systems. Exposed data includes personal and medical information, raising phishing risks.

Ford investigates alleged breach following customer data leak

November 20, 2024 at 03:43PM
Ford is investigating claims of a data breach involving 44,000 customer records leaked by hackers on a forum. Although the claims initially appeared serious, the investigation revealed that the incident involved a third-party supplier and public dealer addresses. Ford confirmed there was no breach of its systems, and the matter is reportedly resolved.

Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials

November 16, 2024 at 02:24AM
A threat actor named BrazenBamboo has exploited a zero-day vulnerability in Fortinet’s FortiClient for Windows to extract VPN credentials using a tool called DEEPDATA. Discovered by Volexity, this malware, used in cyber espionage, is part of a broader framework encompassing various communication platforms and data exfiltration capabilities.

Fraud network uses 4,700 fake shopping sites to steal credit cards

November 14, 2024 at 05:47PM
A Chinese threat actor known as “SilkSpecter” is exploiting thousands of fraudulent online stores to siphon payment card information from online shoppers in the U.S. and Europe, driven by financial motives.

**Meeting Notes Takeaways:**
1. **Threat Actor Identification**: A financially motivated Chinese threat actor known as “SilkSpecter” has been identified. …

Amazon confirms employee data breach after vendor hack

November 11, 2024 at 02:11PM
Amazon confirmed a data breach involving over 2.8 million employee records, leaked by a threat actor named Nam3L3ss. The data, stolen from a third-party vendor, included work contact information but no sensitive details. The breach is tied to the MOVEit attacks that affected numerous organizations globally in May 2023.

Canadian Authorities Arrest Attacker Who Stole Snowflake Data

November 5, 2024 at 05:56PM
Canadian authorities arrested Alexander “Connor” Moucka for allegedly compromising 165 Snowflake accounts. Known online as “Judische” and “Waifu,” he boasted about the hacks on Telegram. The breaches, linked to UNC5537, exploited credentials from previous infections, targeting companies like Ticketmaster and AT&T, with ransom demands up to $5 million.

Schneider Electric confirms dev platform breach after hacker steals data

November 4, 2024 at 02:24PM
Schneider Electric confirmed a breach of its developer platform, with a threat actor claiming to have stolen 40GB of data from its JIRA server, including 75,000 unique email addresses. The company’s Global Incident Response team is investigating, and its products remain unaffected. The hacker demands $125,000 in “Baguettes” not to …

Cisco says DevHub site leak won’t enable future breaches

November 4, 2024 at 04:16AM
Cisco confirmed that non-public files downloaded by a threat actor from a misconfigured DevHub portal do not pose a risk for future breaches. While some CX Professional Services customer files were exposed, no financial or personal data was compromised. The company has since corrected the configuration and restored access.