Cleartrip
July 18, 2022
•[ hack, technology ]
Popular Indian flight booking site Cleartrip announces a data breach involving the unauthorized access to the information of an unknown number of victims.
Hjedd
July 18, 2022
•[ leak, misconfiguration, technology ]
In July 2022, the Chinese adult website Hjedd was found to be leaking more than 13M customer records which subsequently appeared on a popular hacking forum. The exposed data included email and IP addresses, usernames and passwords stored as bcrypt hashes.
Undisclosed US-based media organization
July 14, 2022
•[ espionage, technology ]
Researchers from Proofpoint reveal the details of a campaign carried out by the North Korean threat group Lazarus Group (AKA TA404) targeting an undisclosed US-based media organization.
WordFly
July 10, 2022
•[ ransomware, malware, technology ]
WordFly, a tech company providing digital marketing for dozens of the most popular cultural organizations in several countries, is hit with a ransomware attack.
Rogers Communications
July 9, 2022
•[ leak, technology ]
Attackers post an ad on a mostly Russian-speaking hacker forum, putting on sale a database allegedly belonging to Rogers Communications, a Canadian company providing wireless, cable, and internet services.
La Poste Mobile
July 8, 2022
•[ ransomware, malware, technology ]
French mobile phone network La Poste Mobile is hit by a ransomware attack that has crippled its administrative and management services.
SHI International
July 6, 2022
•[ hack, malware, technology ]
SHI International, a provider of Information Technology products and services, confirms that a malware attack hit its network over the weekend.
Multiple organizations in Japan
July 5, 2022
•[ espionage, malware, technology ]
The Japan CERT (JPCERT) discover a new version of the VSingle malware, used by the Lazarus Group, able to retrieve the C2 servers information from GitHub.
Mangatoon
July 5, 2022
•[ hack, misconfiguration, technology ]
Comic reading platform Mangatoon suffers a data breach that exposed information belonging to 23 million user accounts after a hacker stole it from an unsecured Elasticsearch database.
La Poste Mobile
July 4, 2022
•[ ransomware, financial, technology ]
In July 2022, the French telecommunications company La Poste Mobile was the target of an attack by the LockBit ransomware which resulted in company data being published publicly. The impacted data included 533k unique email addresses along with names, physical addresses, phone numbers, dates of births, genders and banking information. 10 days after the attack, the La Poste Mobile website remained offline.
Apex
June 29, 2022
•[ ransomware, malware, technology ]
SNATCH executed exfiltration of data and ransomeware in targeted network. Data presented on dark web "leak site"
Macmillan Publishers
June 25, 2022
•[ hack, misconfiguration, technology ]
On December 5, 2022, Macmillan reported a data breach with the Texas Attorney General after an unauthorized party was able to bypass its data security system and gain access to sensitive consumer information on the company's computer system.
Vulnerable Telerik UI systems
June 15, 2022
•[ financial, malware, technology ]
A threat actor known as 'Blue Mockingbird' is targeting Telerik UI vulnerabilities to compromise servers, install Cobalt Strike beacons, and mine Monero by hijacking system resources.
Novelty Group
June 15, 2022
•[ ransomware, leak, malware ]
Vice Society encrypts network and threatens to leak data on their dark web portal.
Montrose Environmental Group
June 13, 2022
•[ ransomware, malware, technology ]
Montrose Environmental Group, a US-based provider of environmental services, reveals it was hit by a ransomware attack last weekend that disrupted its laboratory testing operations.
ER-Telecom Holding
June 9, 2022
•[ hack, technology ]
The NB65 group claim to have gained access to surveillance footage, looked at sensitive data, stored credentilas as well as got access to 5TB fo surveillance footage.
Kommersant FM
June 8, 2022
•[ hack, technology ]
The online bulletin broadcast of a Russian radio station, Kommersant FM, is interrupted when the content was replaced with the Ukrainian national anthem and antiwar songs.
Unidentified Telecommunications company
June 7, 2022
•[ espionage, technology ]
The NSA, CISA, and the FBI reveal that Chinese-backed threat actors have targeted and compromised major telecommunications companies and network service providers to steal credentials and harvest data.
OLL.TV
June 5, 2022
•[ hack, misconfiguration, technology ]
According to the State Service of Special Communications and Information Protection of Ukraine (SSSCIP), the broadcast of the Football World Cup 2022 qualifier game between Wales and Ukraine is interrupted in Ukraine by a cyberattack that targeted OLL.TV, a Ukrainian online broadcasting platform. SSSCIP claims that malicious actors succeeded in gaining access to a Content delivery network (CDN) nod and rerouted the traffic. Ukrainian authorities temporarily stopped the broadcast to restart the traffic.
