LEAK Archives - Page 2 of 93 - Cybersecurity News Everyday

‘Spearwing’ RaaS Group Ruffles Feathers in Cyber Threat Scene

Summary: The Medusa ransomware has emerged as a prominent tool for the threat group known as “Spearwing,” which has targeted nearly 400 victims since 2023. Their ransom demands can range from 0,000 to million, and they employ tactics such as double extortion to pressure victims. The group exploits unpatched vulnerabilities, particularly in Microsoft Exchange Servers, to gain access to networks and conduct attacks.…

Cyber Attack

Bosowa Berlian Motor Allegedly Breached

March 7, 2025 DailyDarkWeb

Summary: A recent dark web post claims that PT Bosowa Berlian Motor has suffered a significant data breach, involving the compromise of its database and website source code. The exposed data reportedly exceeds 5 GB, including SQL database files and a large number of tables. This incident raises concerns about the security of sensitive information related to one of Indonesia’s major automotive companies.…

Threat Research

Security Implications of Low-Code/No-Code Platforms: The Unseen Cyberwar

March 7, 2025March 7, 2025 iocOne

This article provides a thorough analysis of the security vulnerabilities associated with low-code/no-code (LCNC) platforms, exposing architectural flaws and real-world breaches. It outlines case studies involving significant breaches such as Microsoft Power Apps and Airtable, highlighting the negligence of platform providers. A call to action for stronger security practices and vendor accountability concludes the report.…

Cyber Security News

Canadian intelligence agency warns of threat AI poses to upcoming elections

March 7, 2025 CybersecurityNews

Summary: Canada’s Communications Security Establishment (CSE) warns that hostile actors may misuse AI tools to disrupt upcoming elections, although the integrity of democratic processes is deemed unlikely to be fundamentally undermined. The report highlights the theft of vast data on politicians and citizens by China, which enhances interference capabilities.…

Cyber Security News

Microsoft: North Korean hackers join Qilin ransomware gang

March 7, 2025 BleepingComputer

Summary: Microsoft reports that the North Korean hacking group Moonstone Sleet has recently begun using Qilin ransomware in their attacks, marking a shift from their previous use of custom ransomware. The group has been active since August 2022 and is known for targeting financial and cyberespionage sectors, employing various tactics to reach victims.…

Cyber Attack

Many Schools Report Data Breach After Retirement Services Firm Hit by Ransomware

March 7, 2025 LeakNews

Summary: A ransomware attack on Carruth Compliance Consulting has led to a significant data breach affecting numerous school districts and thousands of individuals in the United States. The hacked systems resulted in the theft of sensitive personal information, with the ransomware group Skira claiming responsibility for the attack.…

Cyber Security News

Medusa Ransomware Attacks Increase

March 7, 2025 CybersecurityNews

Summary: The Medusa ransomware has seen a significant rise in attacks, doubling in early 2025 compared to the previous year, according to Symantec. Utilizing a ransomware-as-a-service model, it targets various sectors globally while employing double-extortion tactics. With ransoms demanded between 0,000 and million, Medusa exploits vulnerabilities in systems like Microsoft Exchange and VMware ESXi.…

Threat Research

Emulating the Relentless RansomHub Ransomware

March 7, 2025 AttackIQ

RansomHub is a newly emerged Ransomware-as-a-Service (RaaS) operation targeting organizations globally, implementing a double-extortion model that encrypts and steals sensitive data. The encryptor, encoded in C++ or Go, presents challenges for security analysis due to its password requirement for execution. Potential links to previous ransomware groups like Knight and BlackCat/ALPHV are noted.…

CISA, FBI warn of BianLian mail scam targeting executives with 0k ransom note

Cyber Attack

CISA, FBI warn of BianLian mail scam targeting executives with $500k ransom note

March 7, 2025 LeakNews

Summary: Federal law enforcement agencies are alerting business executives about a scam using the name of the Russian BianLian ransomware gang to extort companies for Bitcoin payments. The scam involves letters claiming that sensitive data has been stolen, threatening publication unless ransoms are paid. The FBI and CISA urge anyone receiving such letters to report them, as the legitimacy of the connection to the actual BianLian gang remains unclear.…

Cyber Attack

Ransomware Builds Against Saudi Construction Firms

March 6, 2025 LeakNews

Summary: A ransomware attack by the DragonForce group has targeted Saudi construction firm Al Bawani, stealing approximately 6TB of sensitive data and highlighting increased cyber threats in the region. The attack underscores a concerning trend in which construction and real estate sectors are increasingly being targeted by cybercriminals, fueled by the proliferation of ransomware-as-a-service (RaaS) models.…

Threat Research

Tracking Threat Actors: How Infrastructure Analysis Reveals Cyber Attack Patterns

March 6, 2025March 6, 2025 iocOne

This article discusses methodologies for clustering and analyzing cyber threats, focusing on the infrastructure used by the Iranian group Pioneer Kitten and its connections to other threat actors, including the North Korean IT workers. The emphasis is on the importance of cross-referencing diverse data sources to gain insights for long-term intelligence production.…

Cyber Security News

VMWare ESXi Vulnerabilities Exploited, Patch Now

March 6, 2025March 6, 2025 iocOne

Broadcom has identified three critical vulnerabilities in VMware ESXi affecting local admin privileges, enabling code execution on the host and memory leakage. The vulnerabilities are actively exploited, posing severe risks to various VMware products, necessitating immediate updates. Affected: VMware ESXi, VMware Workstation, VMware Fusion, VMware Cloud Foundation, VMware Telco Cloud Platform

Keypoints :

Three critical zero-day vulnerabilities disclosed by Broadcom on March 4, 2025.…

Interesting Stuff

SSRF steals EC2 tokens

March 6, 2025March 6, 2025 Infosecwriteups

Server-Side Request Forgery (SSRF) is a significant vulnerability that enables attackers to manipulate a server into making unauthorized requests. This can compromise sensitive data, gain access to internal systems, or allow remote code execution. The utilization of SSRF can lead to the leakage of IAM credentials and internal service access.…

Cyber Security News

US Indicts China’s iSoon ‘Hackers-for-Hire’ Operatives

March 6, 2025 CybersecurityNews

Summary: The US Justice Department has indicted employees of the Chinese cybersecurity firm i-Soon for conducting hacking campaigns on behalf of Beijing’s security services. The firm reportedly leaked sensitive data and was involved in targeted cyber operations against various dissidents and organizations, including US federal agencies.…

Cyber Attack

Utsunomiya Central Clinic in Japan Suffers Ransomware Cyberattack, Potential Patient Data Breach

March 6, 2025 Monitorman

Date Reported: 2025-02-10 Country: JPN | Japan Victim: Utsunomiya Central Clinic | Utsunomiya Central Clinic Website: ucc.or.jp Information :The Utsunomiya Central Clinic in Japan was hit by a ransomware cyberattack on February 10, 2025. There is a potential leak of personal information of patients and staff, including names, birth dates, addresses, and phone numbers.…

Cyber Attack

Toronto Zoo shares update on last year’s ransomware attack

March 5, 2025 BleepingComputer

Summary: The Toronto Zoo experienced a ransomware attack in January 2024, resulting in a data breach affecting personal and financial information of employees, volunteers, and donors. The stolen data includes names, addresses, phone numbers, email addresses, and the last four digits of credit card numbers. The attack was claimed by the Akira ransomware group, which has a history of targeting various organizations worldwide.…

Threat Research

Boramae Ransomware

March 5, 2025 Cyfirma

Boramae Ransomware is a newly discovered strain aimed at Windows systems, known for its effective encryption and evasion tactics. The ransomware not only encrypts files but also leaves threat-laden ransom notes demanding payment under duress. These findings emphasize the need for robust cybersecurity measures and incident response strategies.…

Cyber Attack

Fake BianLian ransom notes mailed to US CEOs in postal mail scam

March 5, 2025 BleepingComputer

Summary: Scammers are sending fake ransom notes impersonating the BianLian ransomware group to U.S. companies via postal mail, attempting to extort money with threats of stolen data. These notes are tailored to specific industries, falsely claiming to have stolen sensitive information and demanding hefty Bitcoin payments.…

Cyber Security News

3 VMware Zero-Day Bugs Allow Sandbox Escape

March 5, 2025 CybersecurityNews

Summary: Broadcom has issued urgent patches for three critical vulnerabilities in its VMware ESXi, Workstation, and Fusion technologies that are being actively exploited. These vulnerabilities require an attacker to have administrative access but can allow them to gain control of the underlying host and potentially compromise entire virtual environments.…

Tag: LEAK