Cisco
April 18, 2023
•[ espionage, malware, technology ]
The UK National Cyber Security Centre (NCSC), US Cybersecurity and Infrastructure Security Agency (CISA), NSA, FBI, and Cisco warn of Russian state-sponsored APT28 hackers deploying a custom malware named 'Jaguar Tooth' on Cisco IOS routers, exploiting CVE-2017-6742, allowing unauthenticated access to the device.
Valid Certificadora
April 16, 2023
•[ ransomware, leak, malware ]
Valid Certificadora, a Brazilian firm that issues digital certificates used by both businesses and public entities is added to the CrossLock ransomware leak site.
Jobzone
April 15, 2023
•[ leak, technology ]
In April 2023, data from the Israeli jobs website Jobzone was posted online. The data included 30k records of email addresses, names, social security numbers, genders, dates of birth, fathers' names and physical addresses.
Affinity
April 13, 2023
•[ leak, technology ]
UK-based photo editing, graphic design and publishing software developer Affinity informs its forum members of a data breach.
GDAC
April 9, 2023
•[ financial, hack, technology ]
South Korean cryptocurrency exchange GDAC is the target of attackers, with the platform losing nearly $13M during the attack.
Apple
April 7, 2023
•[ hack, malware, technology ]
Apple releases emergency security updates to address two new zero-day vulnerabilities (CVE-2023-28205 and CVE-2023-28206) exploited in attacks to compromise iPhones, Macs, and iPads.
Killer Instinct
April 6, 2023
•[ leak, technology ]
Killer Instinct, a company that trades high-tech modern adaptations of the archaic long-range weapon, discloses a data breach affecting over 800 users.
Genesis Market
April 5, 2023
•[ hack, malware, technology ]
In April 2023, the stolen identity marketplace Genesis Market was shut down by the FBI and a coalition of law enforcement agencies across the globe in "Operation Cookie Monster". The service traded in "browser fingerprints" which enabled criminals to impersonate victims and access their online services. As many of the impacted accounts did not include email addresses, "8M" is merely an approximation intended to indicate scale. Other personal data compromised by the service included names, addresses and credit card information, although not all individuals had each of these fields exposed.
Check Point
April 4, 2023
•[ hack, ddos, technology ]
The web site of Check Point, one of Israel's largest cybersecurity companies, is taken down by Anonymous Sudan.
Constellation Software
April 3, 2023
•[ ransomware, malware, technology ]
Canadian diversified software company Constellation Software confirmes that some of its systems were breached by threat actors who also stole personal information and business data. The BlackCat ransomware gangs claims responsibility for the attack.
T-Mobile
March 31, 2023
•[ hack, technology ]
T-Mobile discloses the second data breach of 2023 after discovering that attackers had access to the personal information of 836 customers for more than a month, starting late February 2023.
SONDA
March 31, 2023
•[ ransomware, malware, technology ]
The Chilean IT multinational SONDA, which has a presence in 11 countries, is placed on the leaks page of the ransomware threat actor Medusa Locker.
Tigo
March 31, 2023
•[ leak, misconfiguration, technology ]
In Mid-2023, 300GB of data containing over 100M records from the Chinese video chat platform "Tigo" dating back to March that year was discovered. The data contained over 700k unique names, usernames, email and IP addresses, genders, profile photos and private messages. Tigo did not respond to multiple attempts to disclose the incident.
Evide
March 30, 2023
•[ ransomware, malware, technology ]
Evide, a data management company in Northern Ireland, is hit with a ransomware attack.
AudienceView
March 28, 2023
•[ hack, technology ]
AudienceView, an online ticketing platform, discloses to have been hit by a cyber attack impacting students at dozens of the biggest universities and colleges in the U.S. and Canada.
Lumen Technologies
March 27, 2023
•[ ransomware, malware, technology ]
Lumen Technologies tells regulators that it had discovered two cybersecurity incidents, including a ransomware attack that has been degrading services for some enterprise customers.
CH Media
March 24, 2023
•[ ransomware, malware, technology ]
The Play ransomware group threatens to dump personal and confidential data, projects and employee payroll information of Switzerland-based CH Media if its ransom demands are not met.
Pluralsight
March 23, 2023
•[ ransomware, hack, technology ]
Pluralsight appears among Clop ransomware gang's latest victims hit in the ongoing GoAnywhere hacking spree.
Gray Television
March 23, 2023
•[ ransomware, malware, technology ]
US-based TV network Gray Television appears among Clop ransomware gang's latest victims hit in the ongoing GoAnywhere hacking spree.
Skylink
March 21, 2023
•[ hack, ddos, technology ]
M7 Group's Czech and Slovak operator Skylink is the victim of a DDoS attack by Russian threat actors.
