-
Shinwa Co
January 15, 2024
•
[ ransomware, leak, malware ]
Shinwa Co is added to the LockBit 3.0 ransomware leak site.
-
Government Employees Insurance Company (GEICO)
January 15, 2024
•
[ leak, finance ]
A threat actor identified as wangfei19860902055 advertises the sale of a database related to Government Employees Insurance Company (GEICO) on a popular dark web forum.
-
London Internet Exchange (LINX)
January 15, 2024
Anonymous Sudan, a Russia-affiliated hacktivist group, claims responsibility for a cyberattack on the London Internet Exchange (LINX) in response to Britains support to Israel and the launching of air attacks on Yemen.
-
Khaadi
January 15, 2024
•
[ hack, malware, retail ]
Khaadi, a clothing retail site based in Pakistan and the United Arab Emirates is hit with a magecart attack.
-
South Korean construction trade organization
January 15, 2024
The South Korea's National Cyber Security Center (NCSC) warns that state-backed threat actors DPRK hijacked flaws in a VPN's software update to deploy malware and breach networks. In the first case they compromised the website of a South Korean construction trade organization to disseminate malware to visitors.
-
Construction and machinery companies in South Korea
January 15, 2024
The South Korea's National Cyber Security Center (NCSC) warns that state-backed threat actors DPRK hijacked flaws in a VPN's software update to deploy malware and breach networks. In the second case they exploited vulnerabilities in domestic security software (VPN and server security) to replace update files with malware, distributing remote control malware named "DoraRAT" to construction and machinery companies.
-
Organizations in Myanmar
January 15, 2024
•
[ espionage, backdoor, malware ]
Mustang Panda leveraged mavinject.exe and DLL side-loading to inject a ToneShell family backdoor into processes on targeted Myanmar organisation endpoints to enable espionage and persistent access.
-
Maisons de l’Avenir
January 15, 2024
•
[ ransomware, data leak ]
Maisons de lAvenir is added to the LockBit 3.0 ransomware leak site.
-
Calvià City Council in Majorca
January 13, 2024
•
[ ransomware, malware, government ]
The Calvi City Council in Majorca announces to be targeted by a ransomware attack, which impacted municipal services. The attackers demand a 10M (approximately $11M) ransom.
-
Horne
January 13, 2024
•
[ hack, finance ]
Horne files a notice of data breach resulting in an unauthorized party being able to access consumers sensitive information,
-
CalviàCity Council in Majorca
January 13, 2024
•
[ ransomware, cyberattack, extortion ]
The Calvi City Council in Majorca announces to be targeted by a ransomware attack, which impacted municipal services. The attackers demand a 10M (approximately $11M) ransom.
-
Alkem Laboratories
January 12, 2024
•
[ financial, manufacturing ]
Pharmaceutical company Alkem Laboratories confirms that a cybersecurity incident led to a fraudulent transfer of Rs 52 crore (USD 6.2M) from one of its subsidiaries.
-
Alpha Supported Living Services
January 12, 2024
•
[ social, phishing, healthcare ]
Alpha Supported Living Services (Alpha) files a notice of data breach after discovering that the organization was the recent victim of a phishing attack.
-
DKI Jakarta Provincial government
January 12, 2024
6.8 million voter records related to the 2017 Jakarta gubernatorial election are leaked on the eleakstore, and on the Hydra Market cybercriminal forums.
-
Ameriprise Financial
January 12, 2024
•
[ leak, finance ]
Ameriprise Financial files a notice of data breach after discovering that an unauthorized party was able to access confidential customer information.
-
Undisclosed U.S: Cloud Service Provider
January 11, 2024
•
[ hack, malware, technology ]
A Ukrainian national is arrested for allegedly infecting the servers of a well-known American cloud service provider with a cryptomining malware.
-
Water for People
January 11, 2024
•
[ ransomware, malware, healthcare ]
The ransomware-as-a-service gang Medusa lists Water for People on its darknet site, threatening to publish stolen information unless the nonprofit pays a $300,000 extortion fee.
-
Lush
January 11, 2024
•
[ ransomware, malware, retail ]
Lush, the privately-owned British cosmetics retailer is currently responding to a cyber security incident. Few week later the Akira ransomware gang claims responsibility for the attack.
-
GALA Hispanic Theatre
January 11, 2024
The GALA Hispanic Theatre, a popular theater in Washington, D.C. has more than $250,000 in stolen funds returned after hackers managed to siphon the money out of their bank account.
-
Keating Consulting Group
January 11, 2024
Framework Computer discloses a data breach exposing the personal information of an undisclosed number of customers after Keating Consulting Group, its accounting service provider, falls victim to a phishing attack.
