Cisco Talos Warns of a Massive Brute Force Wave

Attacks were opportunistic, the threat was escalating, and enhanced security measures were needed to protect accounts.

The Cisco Talos security team has released information about a new campaign of attackers targeting mass account compromise. Specialists have recorded countless login attempts to gain unauthorized access to web infrastructure, particularly SSH servers, VPN clients and web applications. This is alarming and frightening for both big companies and home users. Cisco Reports Massive Brute…

UnitedHealth Hack Leaks 6 TB of User Data

The BlackCat group hacked into UnitedHealth, stealing massive amounts of data.

UnitedHealth Group, one of the largest providers of health insurance and health care services in the United States, suffered a cyberattack followed by a data breach. The company admitted that the personal data of millions of patients was “stolen” in a cyberattack. This incident is already being called one of the largest in healthcare history.…

PyPI Malware Spreading Outbreak Exploits Typosquatting

Python Package Index once again suffers from malicious repositories

PyPI, an index of Python packages, has once again become a venue for spreading malware. Threat actors registered hundreds of profiles to deploy packages whose names typosquat known and popular packages. This forced the administration to halt new user registration until the issue is resolved. PyPI Malware Spreading Causes Registrations Halt Python…

STRRAT and Vcurms Malware Abuse GitHub for Spreading

Attackers are using GitHub as a source for the final payload

A new phishing campaign has recently been discovered that uses GitHub to deliver the Remote Access Trojans (RATs) STRRAT and Vcurms via a malicious Java downloader. ANY.RUN specialists have detected the active spread of these malicious programs and warn users against potential threats. Short About STRRAT and Vcurms STRRAT is a Java-based RAT, notorious for its…

Fujitsu Hacked, Warns of Data Leak Possibility

Fujitsu discovered malware on its systems, which could potentially lead to a massive data leak

Fujitsu, one of the world’s leading IT companies, reports uncovering a hack in its internal network. The company discovered malware in its IT systems, which led to a massive data breach. Fujitsu Hacked, Company Publishes Report The first to discover the Fujitsu hack were the company’s IT specialists, who were performing the scanning. The first signs…

BianLian Exploits TeamCity Vulnerability to Deploy Backdoors

BianLian cybercriminals deploying PowerShell backdoors for covert system access and control.

BianLian, a group of cybercriminals known for their ransomware attacks, recently caught the attention of the information security community. By exploiting vulnerabilities in the JetBrains TeamCity platform, they managed to carry out multistage cyberattacks. Threat actors reportedly start their attack chain with a Golang-based backdoor, and work their way all the way to the ransomware…

MIT Hacked, Students’ Data Sold on the Darknet

Hackers publish a database full of info about the current - and past - students of MIT

On February 13, 2024, a post appeared on a Darknet forum, offering to purchase a large pack of data leaked from Massachusetts Institute of Technology (MIT). The hacker under the alias “Ynnian” claims that the leak happened this year, and consists mainly of students’ data. No pay is asked for this DB, hence the information…

Third Ivanti VPN Vulnerability Under Massive Exploitation

One more vulnerability in Ivanti VPN software is actively exploited

Experts have discovered a third Server Side Request Forgery (SSRF) vulnerability in Ivanti products. This is a serious security issue for corporate VPN devices. The new vulnerability allows unauthorized access to restricted resources that were available only after authentication. Ivanti SSRF Vulnerability Exploited Ivanti, a renowned corporate VPN appliance provider, has issued a warning regarding…

Claro Company Hit by Trigona Ransomware

One more telecom giant fell victim to a ransomware attack

Claro Company, the largest telecom operator in Central and South America, disclosed being hit by ransomware. Representatives shared this information in response to the service disruptions in several regions. From the ransom note it becomes clear that the attackers are Trigona ransomware. Claro Telecom Hacked, Services Disrupted Since January 25, 2024 Claro Telecom customers have…

Carbanak is Back with a New Spreading Tactic

The banking malware Carbanak has been observed being used in ransomware attacks with updated tactics.

The Carbanak cybercrime group, infamous for its banking malware, has resurfaced with new ransomware tactics, marking a significant evolution in their modus operandi. This development, as reported by the NCC Group, reflects Carbanak’s adaptability and increased threat to global cybersecurity. Carbanak is Back, Using New Distribution Methods Carbanak’s return is marked by a significant shift…