CloudSEK
December 7, 2022
•[ hack, misconfiguration, technology ]
Indian cybersecurity firm CloudSEK says a threat actor gained access to its Confluence server using stolen credentials for one of its employees' Jira accounts.
Activision
December 4, 2022
•[ social, phishing, technology ]
In December 2022, attackers socially engineered an Activision HR employee into disclosing information which led to the breach of almost 20k employee records. The data contained 16k unique email addresses along with names, phone numbers, job titles and the office location of the employee. Activision advised that no sensitive employee information was included in the breach.
Teqtivity
December 2, 2022
•[ leak, technology ]
Uber staff info leaks after supplier Teqtivity gets pwned
Intrado
December 1, 2022
•[ ransomware, malware, technology ]
Royal Ransomware gang claimed responsibility for a cyber attack against telecommunications company Intrado
West Technology Group (WTG)
December 1, 2022
•[ hack, technology ]
West Technology Group (WTG) files a notice of data breach after confirming that an unauthorized party was able to access and remove confidential employee information from the company's computer network.
Mercury IT
November 30, 2022
•[ ransomware, malware, technology ]
NZ Privacy Commissioner Investigates Mercury IT Ransomware Attack.
GoTo
November 30, 2022
•[ hack, technology ]
Remote access and collaboration company GoTo discloses that they suffered a security breach where threat actors gained access to their development environment and third-party cloud storage service.
Numerous Ukranian organizations
November 28, 2022
•[ ransomware, malware, technology ]
ESET researchers have discovered a new Sandworm campaign, using a ransomware dubbed RansomBoggs, targeting Ukrainian organizations.
Movie Forums
November 24, 2022
•[ hack, misconfiguration, technology ]
In December 2022, the Movie Forums website suffered a data breach that affected 40k users. The breach exposed email and IP addresses, usernames, dates of birth and passwords stored as easily crackable salted MD5 hashes. The data was subsequently posted a popular clear web hacking forum.
PBS KVIE
November 23, 2022
•[ ransomware, malware, technology ]
The LockBit ransomware group claims responsibility for a ransomware attack on PBS KVIE, a public broadcasting affiliate in Sacramento, California.
Three Cube IT Lab
November 22, 2022
•[ leak, technology ]
On November 22, 2022, CloudSEK discovered a post that advertised the sale of sensitive data sourced from Three Cube IT Lab India - a Chennai-based provider of business and consulting services.
New World TV
November 21, 2022
•[ hack, technology ]
The company that holds the World Cup broadcasting rights for sub-Saharan Africa says it has suffered a series of cyber-attacks since the tournament began.
DraftKings
November 21, 2022
•[ hack, brute-force, technology ]
Sports betting company DraftKings reveals that it would make whole customers affected by a credential stuffing attack that led to losses of up to $300,000.
Polish data centers
November 16, 2022
•[ hack, ddos, technology ]
Anonymous Russia claims to have conducted DDoS attacks against the websites of 5 Polish data centers.
Ticketmaster
November 14, 2022
•[ hack, ddos, technology ]
Ticketmaster releases a statement attributing the Taylor Swift concert ticketing issues to bots overloading their website.
ESO
November 14, 2022
•[ hack, technology ]
ESO, a company that provides record management system software, allowing emergency responders and paramedic agencies, receives an alert from its security team and shuts down its system.
Live Greece
November 12, 2022
•[ hack, ddos, technology ]
KillMilk claims to have conducted a DDoS attack against the website of a Greek TV channel.
Greek mobile operator
November 11, 2022
•[ hack, ddos, technology ]
KillNet collective claims to have conducted a DDoS attack against the website of a Greek mobile operator.
Yappy
November 8, 2022
•[ hack, leak, technology ]
Pro-Ukrainian threat actors have allegedly conducted a hack and leak operation against a Russian vertical video service. Tables with 2 million rows turned out to be publicly available, containing full names, mobile phones, registration dates, and other data of service users.
Smart Link BPO Solutions
November 7, 2022
•[ leak, technology ]
The group of threat actors calling themselves 'Justice Blade' publishes leaked data from Smart Link BPO Solutions, an outsourcing IT vendor working with major enterprises and government agencies in the Kingdom of Saudi Arabia and other countries in the GCC.'
