MANILA, PHILIPPINES – This week, in a series of data breaches, personal information from Toyota Makati, a renowned car dealership, Robinsons Malls, a prominent shopping mall chain, and S&R, a popular membership shopping club, has been compromised, affecting hundreds of thousands of customers.

Toyota Makati Data Breach:

An alleged data breach at Toyota Makati, discovered on May 29, 2024, has exposed over a terabyte of data spanning from 2016 to 2024.…

Published On : 2024-06-03

Executive Summary

At CYFIRMA, we are dedicated to providing current insights into prevalent threats and strategies utilized by malicious entities, targeting both organizations and individuals. This in-depth examination focuses on the Vidar Stealer, an information stealer operating as a malware-as-a-service. The research explores the tactics employed by threat actor(s) to evade detection on the system and over the network, as well as their techniques for concealing malicious code and activities.…

Threat Actor: Unknown | Victim: QuoteWizard.com and LendingTree | Price: $2,000,000 | Exfiltrated Data Type: Personal information, partial credit card details, auto history and driving records, personal background information, tracking pixel data

Additional Information:

The data allegedly includes full customer details such as names, addresses, emails, phone numbers, and other personal information.…

Threat Actor: ShinyHunters | Victim: Ticketmaster | Price: $500,000 | Exfiltrated Data Type: Names, emails, addresses, phone numbers, ticket sales, and order details

Additional Information:

ShinyHunters, the current administrator of BreachForums, claimed the hack of Ticketmaster and offered for sale 1.3 TB of data, including full details of 560 million customers, for $500,000.…

Summary: Managed Service Partners (MSPs) highlight cybersecurity as their top concern in staying competitive in the market, with challenges including staying on top of security technologies, employing more security analysts, and maintaining awareness of the latest threats.

Threat Actor: N/A | Victim: N/A

Key Point:

MSPs consider cybersecurity as their main concern for staying competitive in the market.…

Summary: A threat actor known as “phant0m” is promoting a new Ransomware-as-a-Service (RaaS) called “SpiderX,” which is designed to be more advanced and harder to detect than its predecessor, Diablo ransomware.

Threat Actor: phant0m | Victim: N/A

Key Point:

A threat actor named phant0m is advertising a new Ransomware-as-a-Service (RaaS) called SpiderX on the dark web forum OnniForums.…

This time, we’re not revealing a new cyber threat investigation or analysis, but I want to share some insights about the team behind all Sekoia Threat Intelligence and Detection Engineering reports. Let me introduce you to the Sekoia TDR team.

TL;DR: Sekoia Threat Detection & Research (TDR) is a multidisciplinary team dedicated to Cyber Threat Intelligence and Detection Engineering for the Sekoia SOC Platform.…

Published On : 2024-05-29

EXECUTIVE SUMMARY

A critical vulnerability, identified as CVE-2024-3273, has been discovered in certain end-of-life (EOL) D-Link NAS devices, presenting a severe threat due to the lack of ongoing support and their high susceptibility to attacks. With a CVSS base score of 9.8, this vulnerability is extremely serious, potentially allowing unauthorized access, data theft, system modifications, or denial of service attacks.…

Threat Actor: Unknown | Victim: Live Nation and Ticketmaster | Price: Not specified | Exfiltrated Data Type: Personal information, financial information, ticket sales, event information, order details, partial credit card details, customer fraud details, and other sensitive information

Additional Information:

The alleged sale involves the personal information of 560 million Live Nation and Ticketmaster users.…

Summary: This article discusses the data breach faced by an Australian telecom company and the investigation and potential fines it is facing as a result.

Threat Actor: N/A | Victim: Optus

Key Point:

An Australian telecom company, Optus, is facing an investigation and potential fines from the Office of the Australian Information Commissioner (OAIC) following a data breach in 2022.…

In the ever-evolving landscape of cybersecurity threats, new groups like Hunt3r Kill3rs emerge with claims of disruptive capabilities. This analysis aims to provide an initial understanding of their activities, considering the limited timeframe and absence of concrete evidence substantiating their claims.

Overview of Hunt3r Kill3rs:

Hunt3r Kill3rs, a recently surfaced threat group, assert their prowess in cyber operations, including Industrial Control Systems (ICS) breaches, communication network intrusions, and web application vulnerabilities exploitation.…

Summary: A Morocco-based cybercriminal group known as Atlas Lion or Storm-0539 is targeting large retailers to fraudulently issue gift card codes to themselves, allowing them to generate their own money.

Threat Actor: Atlas Lion or Storm-0539 | Victim: Large retailers

Key Point:

A cybercriminal group known as Atlas Lion or Storm-0539 is breaching the systems of large retailers to fraudulently issue gift card codes to themselves.…

Summary: SOCRadar, a cybersecurity company, has successfully raised $25.2 million in its Series B funding round, reflecting investor confidence in its innovative approach to cybersecurity.

Threat Actor: N/A | Victim: N/A

Key Point:

SOCRadar has raised $25.2 million in its Series B funding round, led by PeakSpan Capital and with participation from Oxx.…

As organizations prepare for the challenges and opportunities of 2024, the critical importance of cybersecurity preparedness is increasingly apparent. In an era characterized by rapid digital transformation and continuous innovation, cyber threats are becoming more sophisticated and frequent, presenting substantial risks to businesses across all sectors.…
