ABB
May 7, 2023
•[ ransomware, malware, technology ]
Swiss multinational company ABB, a leading electrification and automation technology provider, suffers a Black Basta ransomware attack, reportedly impacting business operations.
PaperCut
May 6, 2023
•[ hack, malware, technology ]
Researchers from Microsoft reveal that Iranian state-backed hackers from Mint Sandstorm (also known as Phosphorus or APT35) have joined the ongoing assault targeting vulnerable PaperCut MF/NG print management servers.
Barracuda
May 1, 2023
•[ hack, malware, technology ]
Barracuda, a company known for its email and network security solutions, warns customers that some of their Email Security Gateway (ESG) appliances were breached last week by targeting CVE-2023-2868, a now-patched zero-day vulnerability.
Emby
May 1, 2023
•[ hack, misconfiguration, technology ]
Emby says it remotely shut down an undisclosed number of user-hosted media server instances that were recently hacked by exploiting a previously known vulnerability and an insecure admin account configuration.
TIC Hosting
April 30, 2023
•[ hack, technology ]
TIC Hosting, a hosting provider in Romania, suffers a data breach affecting 300 customers.
CityJerks[.]com
April 27, 2023
•[ hack, technology ]
Attackers steal mail addresses, direct messages, and other personal data from users of CityJerks[.]com, a dating website.
TruckerSucker[.]com
April 27, 2023
•[ hack, technology ]
Attackers steal mail addresses, direct messages, and other personal data from users of TruckerSucker[.]com, a dating website.
Maariv
April 26, 2023
•[ hack, ddos, technology ]
Anonymous Sudan takes down the websites of major Israeli news outlet Maariv.
Yellow Pages Canada
April 24, 2023
•[ ransomware, malware, technology ]
Yellow Pages Canada, a Canadian directory publisher confirms to have been hit by a cyber attack. The Black Basta ransomware and extortion gang claims responsibility for the attack and posts sensitive documents and data over the weekend.
3CX
April 20, 2023
•[ espionage, malware, technology ]
Researchers from Mandiant reveal that the 3CX supply chain attack was caused by another supply chain compromise where suspected North Korean attackers breached the site of stock trading automation company Trading Technologies to push trojanized software builds.
PaperCut
April 19, 2023
•[ ransomware, malware, technology ]
Print management software developer PaperCut warns customers to update their software immediately, as hackers are actively exploiting two flaws, ZDI-CAN-18987 / PO-1216 and ZDI-CAN-19226 / PO-1219, to gain access to vulnerable servers. Later the attacks are attributed to the Cl0p ransomware gang.
Cisco
April 18, 2023
•[ espionage, malware, technology ]
The UK National Cyber Security Centre (NCSC), US Cybersecurity and Infrastructure Security Agency (CISA), NSA, FBI, and Cisco warn of Russian state-sponsored APT28 hackers deploying a custom malware named 'Jaguar Tooth' on Cisco IOS routers, exploiting CVE-2017-6742, allowing unauthenticated access to the device.
Valid Certificadora
April 16, 2023
•[ ransomware, leak, malware ]
Valid Certificadora, a Brazilian firm that issues digital certificates used by both businesses and public entities is added to the CrossLock ransomware leak site.
Jobzone
April 15, 2023
•[ leak, technology ]
In April 2023, data from the Israeli jobs website Jobzone was posted online. The data included 30k records of email addresses, names, social security numbers, genders, dates of birth, fathers' names and physical addresses.
Affinity
April 13, 2023
•[ leak, technology ]
UK-based photo editing, graphic design and publishing software developer Affinity informs its forum members of a data breach.
GDAC
April 9, 2023
•[ financial, hack, technology ]
South Korean cryptocurrency exchange GDAC is the target of attackers, with the platform losing nearly $13M during the attack.
Apple
April 7, 2023
•[ hack, malware, technology ]
Apple releases emergency security updates to address two new zero-day vulnerabilities (CVE-2023-28205 and CVE-2023-28206) exploited in attacks to compromise iPhones, Macs, and iPads.
Killer Instinct
April 6, 2023
•[ leak, technology ]
Killer Instinct, a company that trades high-tech modern adaptations of the archaic long-range weapon, discloses a data breach affecting over 800 users.
Genesis Market
April 5, 2023
•[ hack, malware, technology ]
In April 2023, the stolen identity marketplace Genesis Market was shut down by the FBI and a coalition of law enforcement agencies across the globe in "Operation Cookie Monster". The service traded in "browser fingerprints" which enabled criminals to impersonate victims and access their online services. As many of the impacted accounts did not include email addresses, "8M" is merely an approximation intended to indicate scale. Other personal data compromised by the service included names, addresses and credit card information, although not all individuals had each of these fields exposed.
Check Point
April 4, 2023
•[ hack, ddos, technology ]
The web site of Check Point, one of Israel's largest cybersecurity companies, is taken down by Anonymous Sudan.
