Summary: The Top Threats to Cloud Computing 2024 report by the Cloud Security Alliance highlights the persistent critical vulnerabilities in cloud security, including misconfigurations and IAM weaknesses, while noting a shift in the significance of certain threats. Key trends such as increased attack sophistication and evolving regulatory landscapes are shaping the future of cloud security practices.…
Tag: FINANCIAL
Summary: The NIS2 Directive represents a significant shift in cybersecurity regulation across Europe, expanding its scope and imposing stricter compliance requirements on organizations. This regulation aims to enhance cyber resilience but raises concerns about its potential impact on innovation within the cybersecurity sector.
Threat Actor: N/A | N/A Victim: N/A | N/A
Key Point:
The NIS2 Directive broadens the scope of cybersecurity regulations, potentially increasing the number of entities affected from 3,000 to approximately 30,000.…
Short Summary:
In 2024, malware loaders have become a prevalent tool in cyberattacks, with loaders like SocGholish, GootLoader, and Raspberry Robin leading the charge. These loaders utilize sophisticated evasion techniques and are increasingly leveraging scripting languages like Python for persistence and stealth. The report highlights the evolution of these loaders, their impact on organizations, and provides mitigation strategies for cybersecurity professionals.…
Short Summary:
Threat analysts are tracking a campaign that uses fake websites and social engineering to distribute a malicious version of AnyDesk remote access software to Windows and macOS users. This software is then used to steal data and money from victims, targeting brands such as UK banks and antivirus companies.…
Summary: This report analyzes the rising use of data-exfiltration tools, particularly Rclone, by threat actors in cyber incidents, highlighting their capabilities and the implications for organizations. It also provides recommendations for enhancing security measures to mitigate the risks associated with data exfiltration.
Threat Actor: Various threat groups | LockBit, Black Basta, Blacksuit Victim: Organizations across sectors | US manufacturing sector, UK professional services
Key Point:
Rclone has been identified as the most frequently used data-exfiltration tool, appearing in 57% of incidents investigated by ReliaQuest.…
Threat Actor: Fenice | Fenice Victim: Tencent | Tencent Price: Not disclosed Exfiltrated Data Type: Mobile numbers, email addresses, QQ IDs
Key Points:
1.4 billion records containing personal information were exposed from Tencent’s database. The leaked data includes sensitive information such as mobile numbers, email addresses, and QQ IDs, all stored in plaintext.…
Victim: Moser Wealth Advisors Country: US Actor: rhysida Source: Discovered: 2024-08-11 11:03:11.950062 Published: 2024-08-11 11:03:10.889160 Description: Moser Wealth Advisors Based in Bellevue, Washington, Moser Wealth Advisors is a regionally owned and operated wealth management firm that combines a Certified Public Accounting firm and Registered Investment Advisor to deliver comprehensive financial planning solutions that incorporate sophisticated tax and investment advice to high net worth individuals, families and business owners.…
Threat Actor: netnsher | netnsher Victim: ADT | ADT Price: Not disclosed Exfiltrated Data Type: Customer emails, full addresses, user IDs, products bought
Key Points:
ADT experienced a data breach affecting over 30,000 customers. The breach was disclosed following a cyber attack that accessed customer order information.…
Date Reported: 2024-08-08 Country: USA Victim: Ohio School Boards Association (OSBA) | Ohio School Boards Association | ohioschoolboards.org Additional Information:
The Ohio School Boards Association (OSBA) was targeted in a cyberattack on Thursday. This incident resulted in the disruption of their internet connection and limited their services.…
Threat Actor: Hikki-chan | Hikki-chan Victim: Florida Office of Financial Regulation | Florida Office of Financial Regulation Price: N/A Exfiltrated Data Type: Personal Identifiable Information (PII), professional licensing records, inspection and compliance reports, business addresses, professional affiliations, regulatory actions, survey data
Key Points:
Threat actor claims to have leaked a database containing 8.6 million records.…
Threat Actor: Unauthorized Actors | Unauthorized Actors Victim: ADT Inc. | ADT Inc. Price: Not disclosed Exfiltrated Data Type: Customer order information, including email addresses, phone numbers, and postal addresses
Key Points:
Unauthorized access to customer order information databases was detected by ADT. Limited customer information was obtained, with no evidence of compromised sensitive financial data.…
Victim: www.arkworkplacerisk.co.uk Country: GB Actor: alphalocker Source: http://mydatae2d63il5oaxxangwnid5loq2qmtsol2ozr6vtb7yfm5ypzo6id.onion/blog/blog_1-17 Discovered: 2024-08-09 21:58:22.255018 Published: 2024-08-09 21:58:21.401303 Description: 90GB DATA-Customer data -Financial data of the company -Employee information etc.
Threat Actor: LeonelSecurityTeam | LeonelSecurityTeam Victim: JC Premiere Philippines | JC Premiere Philippines Price: Not disclosed Exfiltrated Data Type: Personal information (full names, home addresses, contact numbers, email addresses, identification numbers, card numbers)
Key Points:
Data breach affects approximately 300,000 users. Highly sensitive information, including identification cards, was compromised.…
Keypoints:
SocGholish is the leading malware, comprising 60% of the list.…
Summary: A sophisticated phishing campaign exploits trust in well-known platforms like Google Drawings and WhatsApp to deceive users into providing personal and financial information. This “Living Off Trusted Sites” (LOTS) attack utilizes deceptive links and multiple steps to collect sensitive data from victims.
Threat Actor: Unknown | unknown Victim: Individuals with Amazon accounts | Amazon
Key Point:
The phishing email directs victims to a fake Amazon verification link disguised as a graphic hosted on Google Drawings.…
Summary: A recent investigation by Consumer Reports revealed that many data removal services, which claim to eliminate consumer information from people-search data broker sites, are largely ineffective. The study found that only 35% of data instances were successfully removed within four months, highlighting the unreliability of these services.…
Summary: A recent report by Rapid7 reveals a surge in ransomware groups, with 21 new or rebranded entities emerging since January 2024, alongside established gangs like LockBit. The report highlights a shift in tactics, including the exploitation of zero-days and a focus on smaller companies as primary targets for ransomware attacks.…
Summary: A ransomware attack on loanDepot compromised the personal data of 16.6 million individuals, costing the mortgage lender nearly $27 million in related expenses, including a significant settlement for a class-action lawsuit. The attack, attributed to the BlackCat ransomware group, highlights the growing threat to financial institutions and the severe financial ramifications of inadequate data protection.…
Summary: Sporting events create extensive consumer engagement and interconnected networks that enhance experiences but also introduce significant cybersecurity risks. Businesses and fans must be aware of these vulnerabilities and implement robust strategies to mitigate potential threats during high-activity periods.
Threat Actor: Cybercriminals | cybercriminals Victim: Sporting venues and attendees | sporting venues and attendees
Key Point:
Sporting events are susceptible to various cyber threats, including DDoS attacks, bot attacks on ticketing, and deceptive Wi-Fi hotspots.…
Threat Actor: IntelBroker | IntelBroker Victim: USBank | USBank Price: Available for download Exfiltrated Data Type: User data
Key Points:
Threat actor claimed responsibility for a significant data breach executed in August 2024. Approximately 2.7 million lines of user data were compromised. Compromised data includes sensitive information such as User ID, Username, Email, and more.…