Key Points :
Alleged data breach at a Japanese mining company. Potential exposure of sensitive corporate and operational information. Highlights vulnerabilities in safeguarding critical corporate data.…Key Points :
Access to a Managed Service Provider (MSP) in the United States has allegedly been compromised. The incident raises significant concerns about the security of third-party service providers.…Key Points :
1.4 million records were exposed in the breach. The incident raises concerns about the security of fintech platforms. Vulnerabilities in safeguarding sensitive financial information were highlighted.…Key Points :
Alleged leak from Dark Engine has exposed sensitive phone data. Incident raises concerns about data privacy and personal information security.…Key Points :
Data breach potentially exposes sensitive customer information. Incident raises concerns about data privacy and security measures in e-commerce. Highlights vulnerabilities in e-commerce data protection. Customers advised to monitor accounts for unusual activity.…Summary: Rockwell Automation has issued a critical advisory regarding severe vulnerabilities in its PowerMonitor 1000 devices, which could lead to significant security risks including remote code execution and device takeover. The vulnerabilities have been assigned a CVSS score of 9.8, indicating their critical nature and the urgent need for firmware updates.…
Key Points :
The full database of Codo.ma.gov has allegedly been exposed in a data breach. This incident raises significant concerns about the security of government-managed data. Privacy of individuals associated with the platform is at risk.…Key Points :
Leak allegedly exposes sensitive phone data from users in the United States. Incident raises significant concerns about user privacy and data protection measures.…Key Points :
Xiaomi, a major global tech company, has reportedly suffered a data breach in China. The breach has exposed sensitive user information from its database, raising privacy concerns.…Key Points :
Over 5.26 million wealthy businessmen in China were affected by the data leak. The breach raises significant concerns regarding privacy and data security.…Key Points :
Data from 11,346 WhatsApp users in China has been exposed. The incident raises concerns about user privacy and security measures of communication platforms. Highlights vulnerabilities in protecting sensitive user data.…Key Points :
A data breach has allegedly exposed personal details of individuals in Vietnam. The incident raises significant concerns about privacy and security measures.…Key Points :
A data breach has exposed personal information of individuals in Vietnam. The incident raises significant concerns regarding privacy and data security. There is an urgent need for enhanced cybersecurity measures in the region.…Key Points :
Modia’s Magento-based platform suffered a data breach. Compromised data includes sensitive customer and transactional information. The incident raises concerns about data security in e-commerce platforms.…Summary: Foxit has issued a critical security update for its PDF Reader and Editor to address multiple vulnerabilities, including risks of remote code execution and privilege escalation. Users are urged to upgrade to version 2024.4 to mitigate these threats.
Threat Actor: Unknown | unknown Victim: Foxit Software | Foxit Software
Key Point :
Untrusted URL Invocation allows attackers to embed malicious code in PDF documents.…Summary: AhnLab Security Intelligence Center has identified a new DDoS malware strain named cShell, which targets poorly secured Linux SSH servers by exploiting weak credentials. Once compromised, these servers are turned into DDoS bots capable of executing various attack types.
Threat Actor: Unknown | unknown Victim: Linux SSH Servers | Linux SSH Servers
Key Point :
cShell employs brute force attacks on SSH services using weak or default credentials.…Summary: A critical vulnerability (CVE-2024-49194) in the Databricks JDBC Driver allows for remote code execution through JNDI injection, affecting versions 2.6.38 and below. Security researchers have highlighted the urgency of updating to patched versions to mitigate potential attacks.
Threat Actor: Unknown | unknown Victim: Databricks | Databricks
Key Point :
Vulnerability CVE-2024-49194 has a CVSSv3.1 score of 7.3, indicating high severity.…Summary: Sophos has addressed three critical vulnerabilities in its Firewall product, which could lead to severe security risks including remote code execution and privilege escalation. The vulnerabilities, tracked as CVE-2024-12727, CVE-2024-12728, and CVE-2024-12729, affect a small percentage of devices but require immediate attention from users.…
### #RaccoonInfostealer #MalwareAsAService #CyberCrimeSentencing
Summary: Mark Sokolovsky, the operator behind the Raccoon Infostealer malware-as-a-service, has been sentenced to 60 months in prison after pleading guilty to conspiracy to commit computer intrusion. His operation facilitated widespread data theft, impacting numerous victims globally.
Threat Actor: Mark Sokolovsky | Mark Sokolovsky
Key Point :
Sokolovsky offered Raccoon Infostealer on a subscription basis for approximately $200 per month.…Keypoints :
Salt Typhoon is a Chinese state-sponsored cyber threat actor.…