Summary: The Top Threats to Cloud Computing 2024 report by the Cloud Security Alliance highlights the persistent critical vulnerabilities in cloud security, including misconfigurations and IAM weaknesses, while noting a shift in the significance of certain threats. Key trends such as increased attack sophistication and evolving regulatory landscapes are shaping the future of cloud security practices.…


Summary: The NIS2 Directive represents a significant shift in cybersecurity regulation across Europe, expanding its scope and imposing stricter compliance requirements on organizations. This regulation aims to enhance cyber resilience but raises concerns about its potential impact on innovation within the cybersecurity sector.

Threat Actor: N/A | N/A
Victim: N/A | N/A

Key Point:

The NIS2 Directive broadens the scope of cybersecurity regulations, potentially increasing the number of entities affected from 3,000 to approximately 30,000.…

Short Summary:

In 2024, malware loaders have become a prevalent tool in cyberattacks, with loaders like SocGholish, GootLoader, and Raspberry Robin leading the charge. These loaders utilize sophisticated evasion techniques and are increasingly leveraging scripting languages like Python for persistence and stealth. The report highlights the evolution of these loaders, their impact on organizations, and provides mitigation strategies for cybersecurity professionals.…


Summary: This report analyzes the rising use of data-exfiltration tools, particularly Rclone, by threat actors in cyber incidents, highlighting their capabilities and the implications for organizations. It also provides recommendations for enhancing security measures to mitigate the risks associated with data exfiltration.

Threat Actor: Various threat groups | LockBit, Black Basta, Blacksuit
Victim: Organizations across sectors | US manufacturing sector, UK professional services

Key Point:

Rclone has been identified as the most frequently used data-exfiltration tool, appearing in 57% of incidents investigated by ReliaQuest.…

Threat Actor: Fenice | Fenice
Victim: Tencent | Tencent
Price: Not disclosed
Exfiltrated Data Type: Mobile numbers, email addresses, QQ IDs

Key Points:

1.4 billion records containing personal information were exposed from Tencent’s database. The leaked data includes sensitive information such as mobile numbers, email addresses, and QQ IDs, all stored in plaintext.…

Victim: Moser Wealth Advisors
Country: US
Actor: rhysida
Source:
Discovered: 2024-08-11 11:03:11.950062
Published: 2024-08-11 11:03:10.889160
Description: Moser Wealth Advisors Based in Bellevue, Washington, Moser Wealth Advisors is a regionally owned and operated wealth management firm that combines a Certified Public Accounting firm and Registered Investment Advisor to deliver comprehensive financial planning solutions that incorporate sophisticated tax and investment advice to high net worth individuals, families and business owners.…


Date Reported: 2024-08-08
Country: USA
Victim: Ohio School Boards Association (OSBA) | Ohio School Boards Association | ohioschoolboards.org
Additional Information:

The Ohio School Boards Association (OSBA) was targeted in a cyberattack on Thursday. This incident resulted in the disruption of their internet connection and limited their services.…

Threat Actor: Hikki-chan | Hikki-chan
Victim: Florida Office of Financial Regulation | Florida Office of Financial Regulation
Price: N/A
Exfiltrated Data Type: Personal Identifiable Information (PII), professional licensing records, inspection and compliance reports, business addresses, professional affiliations, regulatory actions, survey data

Key Points:

Threat actor claims to have leaked a database containing 8.6 million records.…

Threat Actor: Unauthorized Actors | Unauthorized Actors
Victim: ADT Inc. | ADT Inc.
Price: Not disclosed
Exfiltrated Data Type: Customer order information, including email addresses, phone numbers, and postal addresses

Key Points:

Unauthorized access to customer order information databases was detected by ADT. Limited customer information was obtained, with no evidence of compromised sensitive financial data.…

Victim: www.arkworkplacerisk.co.uk
Country: GB
Actor: alphalocker
Source: http://mydatae2d63il5oaxxangwnid5loq2qmtsol2ozr6vtb7yfm5ypzo6id.onion/blog/blog_1-17
Discovered: 2024-08-09 21:58:22.255018
Published: 2024-08-09 21:58:21.401303
Description: 90GB DATA - Customer data - Financial data of the company - Employee information etc.


Threat Actor: LeonelSecurityTeam | LeonelSecurityTeam
Victim: JC Premiere Philippines | JC Premiere Philippines
Price: Not disclosed
Exfiltrated Data Type: Personal information (full names, home addresses, contact numbers, email addresses, identification numbers, card numbers)

Key Points:

Data breach affects approximately 300,000 users. Highly sensitive information, including identification cards, was compromised.…

In Q2 2024, the MS-ISAC reported a moderate shift in the Top 10 Malware, with SocGholish remaining the most prevalent. The report highlights various malware types, their infection vectors, and associated indicators of compromise (IoCs) to aid in cybersecurity defense.

Key Points:

SocGholish is the leading malware, comprising 60% of the list.…

Summary: A sophisticated phishing campaign exploits trust in well-known platforms like Google Drawings and WhatsApp to deceive users into providing personal and financial information. This “Living Off Trusted Sites” (LOTS) attack utilizes deceptive links and multiple steps to collect sensitive data from victims.

Threat Actor: Unknown | unknown
Victim: Individuals with Amazon accounts | Amazon

Key Point:

The phishing email directs victims to a fake Amazon verification link disguised as a graphic hosted on Google Drawings.…

Summary: A ransomware attack on loanDepot compromised the personal data of 16.6 million individuals, costing the mortgage lender nearly $27 million in related expenses, including a significant settlement for a class-action lawsuit. The attack, attributed to the BlackCat ransomware group, highlights the growing threat to financial institutions and the severe financial ramifications of inadequate data protection.…


Summary: Sporting events create extensive consumer engagement and interconnected networks that enhance experiences but also introduce significant cybersecurity risks. Businesses and fans must be aware of these vulnerabilities and implement robust strategies to mitigate potential threats during high-activity periods.

Threat Actor: Cybercriminals | cybercriminals
Victim: Sporting venues and attendees | sporting venues and attendees

Key Point:

Sporting events are susceptible to various cyber threats, including DDoS attacks, bot attacks on ticketing, and deceptive Wi-Fi hotspots.…

Threat Actor: IntelBroker | IntelBroker
Victim: USBank | USBank
Price: Available for download
Exfiltrated Data Type: User data

Key Points:

Threat actor claimed responsibility for a significant data breach executed in August 2024. Approximately 2.7 million lines of user data were compromised. Compromised data includes sensitive information such as User ID, Username, Email, and more.…