Victim: Jan Nygaard
Country: DK
Actor: dragonforce
Source: http://z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion/blog/?post_uuid=d01a1791-f858-42d2-a84e-291664e49978
Discovered: 2025-01-25 21:27:47.271909
Published: 2025-01-25 21:26:42.497656
Description:
Company Name: Jan Nygaard As
Industry: Industrial Machinery & Equipment
Employee Count: 100 to 249 people
Revenue: 10M to 25M
Headquarters: Glostrup, Capital Region, Denmark

About Country DK (Denmark)

– Cybersecurity Infrastructure: Denmark has a robust cybersecurity framework, governed by the Danish Agency for Cyber and Critical Information Infrastructure (DCI).…


Victim: nutripack.eu
Country: FR
Actor: safepay
Source: http://nz4z6ruzcekriti5cjjiiylzvrmysyqwibxztk6voem4trtx7gstpjid.onion#nutripack
Discovered: 2025-01-25 20:30:47.878358
Published: 2025-01-25 20:30:47.878358
Description: Nutripack.eu is an international company based in Europe. Specializes in manufacturing and sales of sustainable food packaging. Offers innovative, eco-friendly solutions including recyclable trays and biodegradable options. Established with the goal of reducing plastic wastage.…
No Honour Among Thieves: Uncovering a Trojanized XWorm RAT Builder Propagated by Threat Actors and Disrupting Its Operations
A trojanized version of the XWorm RAT builder has been weaponized and disseminated primarily through GitHub and other file-sharing services, targeting novice users in cybersecurity. The malware has compromised over 18,459 devices globally, exfiltrating sensitive data and utilizing Telegram for command-and-control operations. Disruption efforts have been made to mitigate its impact, but challenges remain due to offline devices and rate-limiting on Telegram.…
Cybersecurity News Review, Week 4 (2025)
This week’s cybersecurity overview includes critical vulnerabilities in various software and hardware, exploits of chained vulnerabilities, record-high DDoS attacks, and a notable ransomware surge, particularly impacting education and utilities. The article emphasizes the necessity for improved security measures across affected sectors. Affected: 7-Zip, Asus, Ivanti Cloud Service Appliances, Cisco, Cambium Networks, ABB, UK Education Sector, PowerSchool, US Utilities, Russia, Iran

Keypoints:

7-Zip has a critical vulnerability (CVE-2025-0411) that allows code execution by bypassing the Mark of the Web security feature.…

Attacker: MrBrew1337 Target: https://pt-kaltara.go.id Source: http://www.zone-h.org/mirror/id/41316190

Attacker: ./Outsiders Target: rdm.mtsn1banyumas.sch.id/wle.t… Source: https://zone-xsec.com/mirror/id/703475

Attacker: ./Outsiders Target: ppdb.mtsn1banyumas.sch.id/wle…. Source: https://zone-xsec.com/mirror/id/703474

Attacker: ./Outsiders Target: elearning.mtsn1banyumas.sch.id… Source: https://zone-xsec.com/mirror/id/703473

Attacker: ./Outsiders Target: mtsn1banyumas.sch.id/wle.txt Source: https://zone-xsec.com/mirror/id/703472

Attacker: fitwilliamx12 Target: kmews.drmc.gov.et/12.html Source: https://zone-xsec.com/mirror/id/703465

Attacker: MrBrew1337 Target: antrian.pt-kaltara.go.id Source: https://zone-xsec.com/mirror/id/703464

Attacker: MrBrew1337 Target: eseksi.pt-kaltara.go.id Source: https://zone-xsec.com/mirror/id/703463

Attacker: MrBrew1337 Target: pt-kaltara.go.id Source: https://zone-xsec.com/mirror/id/703462

Attacker: Cynn7 Target: lomsak.go.th/headimg/0x.html Source: https://zone-xsec.com/mirror/id/703460

Attacker: M4K10 R0Y Target: bayanadraga.khe.gov.mn/upload/… Source: https://zone-xsec.com/mirror/id/703458

Attacker: M4K10 R0Y Target: www.mlsp.gov.mn/home01/mlspgov… Source:…

UnitedHealth updates number of data breach victims to 190 million
Summary: The ransomware attack on Change Healthcare has now impacted nearly 200 million individuals, significantly more than previously reported. UnitedHealth, the parent company, has confirmed that sensitive personal and health information was accessed, including Social Security numbers and medical records. The company is still assessing the full extent of the breach and has begun notifying affected individuals.…
Arctic Wolf Observes Campaign Exploiting SimpleHelp RMM Software for Initial Access – Arctic Wolf
On January 22, 2025, Arctic Wolf observed a campaign exploiting vulnerabilities in SimpleHelp RMM software for unauthorized access. Several serious vulnerabilities had been disclosed just prior, potentially allowing attackers to leverage administrative privileges. While it’s uncertain if these vulnerabilities are responsible, Arctic Wolf urges users to upgrade their software to mitigate risks.…
Arctic Wolf Observes Campaign Exploiting SimpleHelp RMM Software for Initial Access – Arctic Wolf
A recent campaign has been observed targeting devices running SimpleHelp RMM software, exploiting newly disclosed vulnerabilities. Arctic Wolf recommends upgrading SimpleHelp server software and uninstalling unused clients to mitigate risks. The threat actors could potentially gain administrative access, facilitating broader intrusions. Affected: SimpleHelp RMM software, organizations using SimpleHelp

Keypoints:

Campaign observed involving unauthorized access via SimpleHelp RMM software.…
Burp Suite Other Modules Thm
The article provides an in-depth overview of the Burp Suite’s lesser-known modules, focusing on the Decoder, Comparer, Sequencer, and Organizer tools. Each tool serves a unique function: the Decoder for encoding/decoding data, the Comparer for data comparison, the Sequencer for evaluating token randomness, and the Organizer for managing HTTP requests for future reference.…

Victim: aws.amazon.com | 8 btc
Country: US
Actor: GDLockerSec
Source: http://igziys7pres4644kbrtakxfbrwkyld64nxk5prpkgtcexwrrjgtfjzyd.onion/294bddb7-1ae9-48d1-b5d1-370e4a308575/
Discovered: 2025-01-25 02:33:35.659864
Published: 2025-01-25 02:32:29.930073
Description: Data storage capacity: 9GB

About Country: US

– Cybersecurity Framework: The US has a robust cybersecurity framework led by agencies such as the Cybersecurity and Infrastructure Security Agency (CISA), which promotes a coordinated national response to cyber threats.…

Fortify Your APIs: How BeVigil Secured a Logistics Giant from Critical Vulnerabilities
This article emphasizes the critical importance of API security, highlighting how misconfigurations can lead to significant vulnerabilities and potential data breaches. It discusses a case study where BeVigil helped a logistics company identify and rectify a major API security gap involving the Kong API Gateway. Affected: Kong API Gateway

Keypoints:

APIs are essential for modern business operations, facilitating integrations and service delivery.…

Victim: KEEACTIONSPORTS.COM
Country: US
Actor: clop
Source:
Discovered: 2025-01-24 17:13:10.700557
Published: 2025-01-24 17:13:10.700557
Description: Online retailer specializing in sports-related goods and equipment. Caters to the needs of sports enthusiasts. Product range covers various sports: golfing, running, swimming, team sports, etc. Focus on high-quality sporting goods. Aims to enhance performance and ensure customer satisfaction.

About Country: United States

– Cybersecurity Landscape: The U.S.…


Victim: NORTHERNONTARIOWIRES.COM
Country: CA
Actor: clop
Source:
Discovered: 2025-01-24 17:16:35.500026
Published: 2025-01-24 17:16:35.500026
Description: NorthernOntarioWires.com is based in Northern Ontario, Canada. Operates in the utilities sector, focusing on electricity distribution. Aims to provide reliable and cost-effective electric service. Primarily serves residential and commercial sectors in Northern Ontario.…

Victim: ARTIKA.COM
Country: CA
Actor: clop
Source:
Discovered: 2025-01-24 17:27:59.544620
Published: 2025-01-24 17:27:59.544620
Description: Canadian company specializing in modern lighting and plumbing solutions. Offers a diverse catalog of innovative and aesthetic home improvement products. Products include light fixtures, sinks, faucets, and bathroom accessories. Emphasis on design and functionality. Renowned for high-quality products. Widely available in popular home improvement stores across North America.

About Country: Canada (CA)

– Cybersecurity Framework: Canada has established a comprehensive cybersecurity strategy, focusing on risk management and national infrastructure protection.…


Victim: BURRISLOGISTICS.COM
Country: US
Actor: clop
Source:
Discovered: 2025-01-24 17:29:08.467540
Published: 2025-01-24 17:29:08.467540
Description: Burris Logistics is a supply chain management company based in the United States. Specializes in custom retail distribution, warehousing services, and transportation solutions. Serves a diverse clientele including local startups and major global corporations.…
Information Security Analyst
This article outlines the responsibilities of an Information Security analyst at AIG, focusing on mitigating vulnerabilities like Log4j, preventing ransomware attacks, and implementing continuous monitoring. Key strategies included using resources from CISA for vulnerability assessments and creating custom tools for decryption. Affected: AIG, Cybersecurity & Infrastructure Security Agency (CISA), Apache Log4j, ransomware gangs

Keypoints:

AIG is an American multinational finance and insurance corporation with operations in over 80 countries.…

Victim: POLARISTRANSPORT.COM
Country: CA
Actor: clop
Source:
Discovered: 2025-01-24 17:36:13.062878
Published: 2025-01-24 17:36:13.062878
Description:
Company Name: Polaris Transport
Location: Canada
Specialization: Cross-border cargo shipping
Fleet: Equipped with advanced technology
Services Offered: Less-than-truckload (LTL), Full truckload, Heated service, Expedited transport
Additional Services: Warehousing and distribution
Customer Focus: High-quality service, safety, and punctuality

About Country CA (Canada) – Cybersecurity Perspective and Ransomware Cases

– Cybersecurity Framework: Canada has a national cybersecurity strategy aimed at enhancing resilience against cyber threats, including partnerships with private sectors and international allies.…


Victim: AMPOL.COM.AU
Country: AU
Actor: clop
Source:
Discovered: 2025-01-24 17:37:19.265724
Published: 2025-01-24 17:37:19.265724
Description: Ampol is an Australian-based company specializing in fuel technology and convenience retail. Established in 1900, Ampol is one of the largest companies in Australia. It has a substantial network of service stations and fuel infrastructure.…