Spotify
December 19, 2022
•[ hack, ddos, technology ]
Mirai, a KillNet-affiliated collective, claims to have conducted a DDoS attack against the support webpage of a Swedish audio streaming and media services provider.
Level Travel
December 15, 2022
•[ leak, technology ]
NLB, a Ukrainian-affiliated threat actor, has leaked information of 1.5 million clients of a Russian online platform providing travel services.
Profi
December 15, 2022
•[ hack, ddos, technology ]
IT Army of Ukraine claims to have conducted a DDoS attack against the servers of a Russian freelancing platform.
SevenRooms
December 15, 2022
•[ leak, technology ]
Restaurant customer management platform SevenRooms confirms it suffered a data breach after a threat actor began selling stolen data on a hacking forum.
Advego
December 14, 2022
•[ hack, ddos, technology ]
IT Army of Ukraine has conducted a DDoS attack against the servers of a Russian freelancing platform.
TPG Telecom
December 14, 2022
•[ hack, technology ]
Australia's TPG Telecom this week announced that a threat actor has gained unauthorized access to a service hosting the email accounts of 15,000 customers.
Grafana
December 14, 2022
•[ hack, ddos, technology ]
Mirai, a KillNet-affiliated collective, claims to have conducted a DDoS attack against the cloud service of a US multinational technology company.
FuboTV
December 14, 2022
•[ hack, technology ]
FuboTV says World Cup streaming outage caused by a cyberattack
Social Blade
December 14, 2022
•[ hack, technology ]
Social media analytics platform Social Blade has confirmed they suffered a data breach after its database was breached and put up for sale on a hacking forum.
Uklon
December 11, 2022
•[ hack, ddos, technology ]
The Russian-affiliated People's CyberArmy claims to have conducted a DDoS attack against the website of a Ukrainian company providing ride-hailing services.
Teleperformance USA
December 8, 2022
•[ hack, misconfiguration, technology ]
On December 8, 2022, Teleperformance USA reported a data breach with the Texas Attorney General after learning that an unauthorized party had accessed confidential consumer information that was entrusted to the company.
CloudSEK
December 7, 2022
•[ hack, misconfiguration, technology ]
Indian cybersecurity firm CloudSEK says a threat actor gained access to its Confluence server using stolen credentials for one of its employees' Jira accounts.
Activision
December 4, 2022
•[ social, phishing, technology ]
In December 2022, attackers socially engineered an Activision HR employee into disclosing information which led to the breach of almost 20k employee records. The data contained 16k unique email addresses along with names, phone numbers, job titles and the office location of the employee. Activision advised that no sensitive employee information was included in the breach.
Teqtivity
December 2, 2022
•[ leak, technology ]
Uber staff info leaks after supplier Teqtivity gets pwned
Intrado
December 1, 2022
•[ ransomware, malware, technology ]
Royal Ransomware gang claimed responsibility for a cyber attack against telecommunications company Intrado
West Technology Group (WTG)
December 1, 2022
•[ hack, technology ]
West Technology Group (WTG) files a notice of data breach after confirming that an unauthorized party was able to access and remove confidential employee information from the company's computer network.
GoTo
November 30, 2022
•[ hack, technology ]
Remote access and collaboration company GoTo discloses that they suffered a security breach where threat actors gained access to their development environment and third-party cloud storage service.
Mercury IT
November 30, 2022
•[ ransomware, malware, technology ]
NZ Privacy Commissioner Investigates Mercury IT Ransomware Attack.
Numerous Ukranian organizations
November 28, 2022
•[ ransomware, malware, technology ]
ESET researchers have discovered a new Sandworm campaign, using a ransomware dubbed RansomBoggs, targeting Ukrainian organizations.
Movie Forums
November 24, 2022
•[ hack, misconfiguration, technology ]
In December 2022, the Movie Forums website suffered a data breach that affected 40k users. The breach exposed email and IP addresses, usernames, dates of birth and passwords stored as easily crackable salted MD5 hashes. The data was subsequently posted a popular clear web hacking forum.
