The article discusses a vulnerability known as “bitpixie” that allows attackers to access encrypted files on Windows devices using BitLocker without needing to disassemble the device. This exploit takes advantage of a bug in the Windows Boot Manager and requires only physical access to the device and a network connection.…
Tag: LEAK
Victim: cana group corp
Country: DO
Actor: sarcoma
Source:
Discovered: 2025-01-20 13:59:53.039780
Published: 2025-01-20 13:59:53.039780
Description:
Company Name: Cana Group Corp
Brands: Cana, Guidom, Fresh Cana
Focus: Anticipating new trends and understanding customer tastes and expectations
Mission: Responding to customer needs effectively
Location: Dominican Republic
Leak Size: No data available
Contains: No data available
About Country:
1.…
A series of critical vulnerabilities have been reported across various platforms, including Aviatrix Controller and Microsoft 365 applications, leading to significant security risks such as unauthorized access and data breaches. Additionally, a new phishing tactic targeting Apple iMessage users and a malicious PyPi package aimed at Discord developers have emerged, highlighting the evolving threat landscape.…
Summary: The National Bureau of Investigation (NBI) in the Philippines has experienced a significant data breach, attributed to a threat actor known as “Zodiac Killer.” The breach, which involves over 3.6 GB of sensitive data, includes personal information of millions, potentially leading to severe privacy and security risks.…
Victim: Daarick | Daarick
Price: Not disclosed
Data: Game-related details
Keypoints:
1,000 documents related to a Minecraft event were leaked. The breach potentially affects participants and organizers involved in the event. Highlights the need for robust security measures in gaming events. Risk of privacy violations and unauthorized exploitation within the gaming community.…
Victim: Hong Kong Database | Hong Kong Database
Price: Not disclosed
Data: User information, including contact details and usernames
Keypoints:
Potential breach of a user information database in Hong Kong. Exposed sensitive personal data raises concerns over data security. Risk of identity theft and phishing attacks for affected individuals.…
Victim: Online Loan Platform | Online Loan Platform
Price: Not disclosed
Data: Financial data and personal user information
Keypoints:
Leaked database includes usernames, email addresses, contact numbers, and loan records. Incident raises concerns about the security of digital lending platforms. Potential risks include identity theft and fraudulent activities.…
Victim: Online Loan Platform | Online Loan Platform
Price: Not disclosed
Data: Usernames, email addresses, phone numbers, loan amounts, financial transaction records
Keypoints:
Massive data breach involving an online loan platform. Exposed sensitive user information, raising concerns about data security and privacy. Leaked database includes usernames, email addresses, phone numbers, loan amounts, and financial transaction records.…
Summary: Recently, a leak of configuration files for Fortigate/Fortinet devices revealed sensitive data, including TLS and SSH private keys, due to a known vulnerability (CVE-2022-40684). Despite previous warnings from Fortinet about active exploitation, many users failed to change their default passwords, leaving their systems vulnerable. The incident highlights ongoing issues with security practices and the effectiveness of security advisories.…
On January 14, 2025, multiple vulnerabilities were discovered in the rsync utility, with CVE-2024-12084 being the most critical as it allows for remote code execution. This article discusses detection and mitigation strategies for this vulnerability. Affected: rsync
Keypoints:
Six vulnerabilities were announced affecting the rsync utility.…
Summary: A significant data leak involving configuration data and VPN credentials for over 15,000 Fortinet devices has surfaced on the Dark Web, attributed to the Belsen Group. This incident follows the disclosure of a critical authentication bypass vulnerability in Fortinet’s systems, which was exploited to gather the leaked data.…
Summary: Otelier, a hotel management platform, experienced a significant data breach after threat actors accessed its Amazon S3 cloud storage, compromising millions of guests’ personal information and reservations from major hotel brands. The breach, which began in July 2024 and continued through October, involved the theft of approximately 7.8 terabytes of data, including sensitive information from Marriott, Hilton, and Hyatt.…
This week’s cybersecurity newsletter highlights critical vulnerabilities in Fortinet and BeyondTrust products, the exploitation of multiple zero-day flaws by Microsoft, and emerging ransomware tactics targeting AWS. Additionally, it discusses a significant data breach at Stiiizy, the impact of healthcare data breaches in the US, and various government responses to cyber threats.…
Summary: This week’s cybersecurity news roundup highlights significant developments in the field, including new tools, vulnerabilities, and legal actions involving major companies. Key stories include the launch of MITRE’s D3FEND 1.0, a phishing campaign targeting CrowdStrike, and various lawsuits related to data breaches. The roundup emphasizes the evolving landscape of cyber threats and the ongoing efforts to enhance security measures.…
The BlackSuit ransomware group, an evolution of the Royal ransomware, has emerged as a significant cyber threat since mid-2023, utilizing advanced tactics to extort over $500 million from various industries worldwide. This analysis delves into their operational strategies, notable incidents, and defense mechanisms to mitigate their impact.…
Summary: A zero-day vulnerability in FortiGate firewalls is actively being exploited by hackers, prompting urgent action from the federal government and cybersecurity firms. The Cybersecurity and Infrastructure Security Agency (CISA) has mandated that federal agencies patch this vulnerability by January 21, highlighting its critical nature. Additionally, concerns have been raised about an older vulnerability that has recently led to the leak of configurations for thousands of FortiGate devices.…
Summary: The U.S. has imposed sanctions on two North Korean nationals and several companies in Laos and China for facilitating a scheme that deceived American firms into hiring North Korean IT workers, whose earnings fund the DPRK’s weapons programs. The Treasury Department highlighted the extensive network of North Korean IT workers operating globally, often using stolen identities to conceal their activities.…
Summary: The U.S. Treasury Department has imposed sanctions on a network linked to North Korea’s Ministry of National Defense, which has been generating revenue through illegal remote IT work. The sanctions target specific companies and individuals involved in these schemes, highlighting North Korea’s reliance on overseas IT workers to fund its weapons programs and support for Russia.…
Rapid7 is investigating two significant incidents affecting Fortinet firewall users: a zero-day vulnerability (CVE-2024-55591) that allows remote attackers to gain super-admin privileges and a data leak involving 15,000 FortiGate firewalls. The leaked data, which includes sensitive information, is believed to be from incidents dating back to 2022.…
A recent leak of over 15,000 Fortigate firewall configurations has raised concerns about the security of devices vulnerable to CVE-2024-55591 and CVE-2022-40684. The threat actor known as “Belsen_Group” is believed to have exploited these vulnerabilities and subsequently leaked the configurations in January 2025. Organizations are urged to check their exposure and take necessary mitigation steps.…