Heroku
May 4, 2022
•[ hack, misconfiguration, technology ]
Salesforce-owned Heroku performs a forced password reset on a subset of user accounts. The company admits that the stolen GitHub integration OAuth tokens from last month further led to the compromise of an internal customer database.
PRGX Global Inc.
May 4, 2022
•[ ransomware, malware, technology ]
Black Basta drops examples of sensitive organizational data on their dark web page demanding payment under threat of publication.
Ziedot
May 4, 2022
•[ hack, ddos, technology ]
A Latvian national news agency and another latvian news organization were hit by DDoS attacks on May 04. This attack was the largest of a spate of attacks that had affected the news agency since the start of the war.
TUI UK
May 3, 2022
•[ ransomware, malware, technology ]
SNATCH executed exfiltration of data and ransomeware in targeted network. Data presented on dark web "leak site"
TV NORD GROUP
April 23, 2022
•[ ransomware, malware, technology ]
Black Basta drops examples of sensitive organizational data on their dark web page demanding payment under threat of publication.
AHS Aviation Handling Services GmbH
April 16, 2022
•[ ransomware, leak, technology ]
RANSOM HOUSE criminal gang exploits data and encrypts systems. Data and ransom demands presented on "leak" site on dark web.
Chemical and IT sector organizations in South Korea
April 14, 2022
•[ espionage, malware, manufacturing ]
Researchers from Symantec Broadcom reveal that the Operation Dream Job has now been expanded to target chemical and IT sector organizations in South Korea.
Unnamed telecommunication company in Honolulu
April 12, 2022
•[ hack, technology ]
Federal agents in Honolulu disrupt an apparent cyberattack on an unnamed telecommunication company's servers associated with an underwater cable responsible for internet, cable service and cell connections in Hawaii and the region.
ERP provider in the Middle East
April 7, 2022
•[ ransomware, malware, technology ]
Researchers from Kaspersky provide an analysis of a BlackCat ransomware attack targeting an undisclosed ERP provider in the Middle East.
I-SEC
April 5, 2022
•[ leak, ransomware, malware ]
Conti threat actors add I-SEC, one of the main providers in the field of aviation security, to their leak site and have provided some proof of claim.
Yandex Food
April 1, 2022
•[ hack, leak, insider ]
Yandex blames one of its employees for the hacking and subsequent leak of data from Yandex Food, a popular food delivery service in Russia.
ICTV
April 1, 2022
•[ espionage, malware, technology ]
Researchers from Malwarebytes reveal that the cyberespionage actor UAC-0056, also known as SaintBear, UNC2589 and TA471, is using a macro-embedded Excel document to target several entities in Ukraine, including ICTV, a private TV channel.
Vice Media
March 29, 2022
•[ leak, financial, hack ]
Vice Media suffers a cyber attack and a breach leaking the sensitive information and financial data of more than 1,700 people.
Ukrtelecom
March 28, 2022
•[ hack, ddos, technology ]
Web traffic from major Ukrainian internet service provider Ukrtelecom is once again disrupted.
Mailchimp
March 26, 2022
•[ hack, phishing, technology ]
Email marketing firm MailChimp disclosed that they had been hit by hackers who gained access to internal customer support and account management tools to steal audience data and conduct phishing attacks.
MCG Health
March 25, 2022
•[ leak, healthcare, technology ]
MCG Health a software company that provides patient care guidelines to providers and health plans using artificial intelligence and technology solutions, notifies about a recent data breach. 1.1 million people are possibly affected.
HubSpot
March 19, 2022
•[ hack, technology ]
Customer relationship management company HubSpot confirms being targeted by hackers after several cryptocurrency services started informing their customers about a cybersecurity incident involving HubSpot.
Telegram
March 18, 2022
•[ hack, leak, malware ]
IT Army of Ukraine claims to have conducted a hack and leak operation against a Russian social media application. The operation consisted of exploiting a vulnerability in the beta version of the software, and the subsequent infection of all beta testers with an updated malicious version of the application.
Ask.FM?
March 14, 2022
•[ leak, technology ]
A seller called "Data," lists a database on a forum with the data of 350 million users allegedly obtained from Ask.FM.
Elevate Services
March 14, 2022
•[ ransomware, malware, technology ]
Elevate Services, Inc. experienced what appears to have been a ransomware attack that leaked confidential information belonging to certain consumers.
