LEAK Archives - Page 2 of 92 - Cybersecurity News Everyday

US Indicts China’s iSoon ‘Hackers-for-Hire’ Operatives

Summary: The US Justice Department has indicted employees of the Chinese cybersecurity firm i-Soon for conducting hacking campaigns on behalf of Beijing’s security services. The firm reportedly leaked sensitive data and was involved in targeted cyber operations against various dissidents and organizations, including US federal agencies.…

Cyber Attack

Utsunomiya Central Clinic in Japan Suffers Ransomware Cyberattack, Potential Patient Data Breach

March 6, 2025 Monitorman

Date Reported: 2025-02-10 Country: JPN | Japan Victim: Utsunomiya Central Clinic | Utsunomiya Central Clinic Website: ucc.or.jp Information :The Utsunomiya Central Clinic in Japan was hit by a ransomware cyberattack on February 10, 2025. There is a potential leak of personal information of patients and staff, including names, birth dates, addresses, and phone numbers.…

Cyber Attack

Toronto Zoo shares update on last year’s ransomware attack

March 5, 2025 BleepingComputer

Summary: The Toronto Zoo experienced a ransomware attack in January 2024, resulting in a data breach affecting personal and financial information of employees, volunteers, and donors. The stolen data includes names, addresses, phone numbers, email addresses, and the last four digits of credit card numbers. The attack was claimed by the Akira ransomware group, which has a history of targeting various organizations worldwide.…

Threat Research

Boramae Ransomware

March 5, 2025 Cyfirma

Boramae Ransomware is a newly discovered strain aimed at Windows systems, known for its effective encryption and evasion tactics. The ransomware not only encrypts files but also leaves threat-laden ransom notes demanding payment under duress. These findings emphasize the need for robust cybersecurity measures and incident response strategies.…

Cyber Attack

Fake BianLian ransom notes mailed to US CEOs in postal mail scam

March 5, 2025 BleepingComputer

Summary: Scammers are sending fake ransom notes impersonating the BianLian ransomware group to U.S. companies via postal mail, attempting to extort money with threats of stolen data. These notes are tailored to specific industries, falsely claiming to have stolen sensitive information and demanding hefty Bitcoin payments.…

Cyber Security News

3 VMware Zero-Day Bugs Allow Sandbox Escape

March 5, 2025 CybersecurityNews

Summary: Broadcom has issued urgent patches for three critical vulnerabilities in its VMware ESXi, Workstation, and Fusion technologies that are being actively exploited. These vulnerabilities require an attacker to have administrative access but can allow them to gain control of the underlying host and potentially compromise entire virtual environments.…

Cyber Attack

Microsoft Teams tactics, malware connect Black Basta, Cactus ransomware

March 5, 2025 BleepingComputer

Summary: Recent research highlights connections between the Black Basta and Cactus ransomware gangs, noting shared tactics such as social engineering attacks and the use of BackConnect proxy malware. The investigation reveals how these groups are possibly overlapping in membership and operational strategies, including similar intrusion techniques.…

Ransom Monitor

Ransom! 365labs – Security Corp

March 5, 2025 Monitorman

Victim: 365labs – Security Corp Country : Actor: monti Source: http://mblogci3rudehaagbryjznltdp33ojwzkq6hn2pckvjq33rycmzczpid.onion/blog/b4d8eca0770c757d11f65384178d5b5593c9c56b412f43ceab1594beb5de1669/ Discovered: 2025-03-04 22:08:15.233763 Published: 2025-03-04 22:07:07.921586 Description : Sure! Here are the key points structured using HTML list tags as you requested:Data Breach: Sensitive information has been compromised. Extent of Leak: Full leak indicates a vast amount of data has been exposed.…

Threat Research

AI’s Role in Turning Massive Data Leaks into Hacker Paydays: A Look at the Orange Breach

March 5, 2025 admin

Breaches involving companies like Orange, Schneider Electric, and Telefonica often begin with infostealers acquiring sensitive credentials, leading to substantial internal data leaks. Hackers leverage AI to efficiently analyze and extract valuable information from these massive datasets, turning previously chaotic data into actionable intelligence. Affected: Orange, Schneider Electric, Telefonica

Keypoints :

Recent breaches often start with infostealers that collect JIRA or Confluence credentials.…

Cyber Security News

VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches

March 5, 2025 CybersecurityNews

Summary: Broadcom has released security updates for three significant vulnerabilities in VMware ESXi, Workstation, and Fusion products that could lead to code execution and information disclosure. These vulnerabilities are actively being exploited, highlighting the urgency for users to apply the latest patches. Key vulnerabilities include a TOCTOU vulnerability with a CVSS score of 9.3, an arbitrary write vulnerability, and an information disclosure flaw.…

Cyber Security News

Broadcom fixes three VMware zero-days exploited in attacks

March 4, 2025 BleepingComputer

Summary: Broadcom has issued a warning regarding three critical zero-day vulnerabilities (CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226) affecting various VMware products. These vulnerabilities allow attackers with privileged access to escape the virtual machine’s sandbox and potentially compromise the hypervisor. Exploitation of these flaws has already been observed in active attacks, raising concerns for enterprise security.…

Cyber Attack

How New AI Agents Will Transform Credential Stuffing Attacks

March 4, 2025 LeakNews

Summary: In 2024, credential stuffing attacks surged due to a blend of infostealer infections and extensive data breaches, marking a troubling trend in cybercrime. The emergence of AI agents, specifically Computer-Using Agents, presents a new challenge, enabling attackers to automate credential exploitation on a large scale without needing extensive coding.…

0Trash

Cellebrite’s Zero-Day Exploit Used to Unlock Serbian Activist’s Android Phone

March 4, 2025March 4, 2025 iocOne

A Serbian youth activist fell victim to a sophisticated zero-day exploit targeting Android devices, believed to be developed by Cellebrite. This exploit exploited a critical vulnerability allowing unauthorized access, raising concerns about user privacy and data security. Affected: Android devices, privacy rights, cybersecurity sector

Keypoints :

A Serbian activist had their Android phone compromised using a Cellebrite exploit.…

Cyber Security News

Google’s March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities

March 4, 2025 CybersecurityNews

Summary: Google has published its March 2025 Android Security Bulletin, addressing 44 vulnerabilities, including two high-severity flaws actively exploited in the wild. Notably, these vulnerabilities, CVE-2024-43093 and CVE-2024-50302, stem from privilege escalation issues within the Android framework and Linux kernel respectively. Google has advised its partners and users to implement the latest security patches to mitigate the risks associated with these vulnerabilities.…

Threat Research

Black Basta and Cactus Ransomware Groups Add BackConnect Malware to Their Arsenal

March 4, 2025 TrendMicro

In this blog entry, we explore the tactics employed by the Black Basta and Cactus ransomware groups to compromise systems and exfiltrate sensitive information. They leveraged social engineering, remote access tools, and the BackConnect malware to establish persistent control over infected machines. Mitigating damages, businesses must adopt enhanced security protocols.…

Cyber Attack

Alleged Data Breach at Perrin Performance Surfaces on Dark Web Forum

March 4, 2025 DailyDarkWeb

Summary: A database belonging to Perrin Performance has reportedly been leaked on a dark web forum, compromising over 14,000 user records. The breach is claimed to have occurred in March 2025, but the authenticity of the information remains unverified. No independent confirmation of the leak has been provided, raising questions about the reliability of the data.…

0Trash

Social Engineering: The Art of Psychological Exploitation Part 4

March 3, 2025 iocOne

This article explores various social engineering crimes and case studies, emphasizing the significance of understanding these tactics for self-protection and cybersecurity awareness. Notable scams include QR code replacements, call forwarding scams, SIM swap scams, job fraud, phishing-as-a-service, and the notorious 2020 Twitter Bitcoin scam. These incidents highlight human vulnerability in cybersecurity and the need for continuous vigilance.…

Cyber Attack

The New Ransomware Groups Shaking Up 2025

March 3, 2025 LeakNews

Summary: In 2024, global ransomware attacks surged to 5,414 incidents, marking an 11% increase from the previous year, with a notable spike in attacks during Q2 and Q4. The emergence of 46 new ransomware groups, especially RansomHub, has significantly transformed the ransomware landscape, with these groups adopting aggressive strategies and collaborations.…

Cyber Attack

Alleged Data Breach Exposes Thousands of Records on Dark Web

March 3, 2025 DailyDarkWeb

Summary: A massive database leak has occurred, involving sensitive personal and company information of over 54,000 individuals, primarily in France. The dataset reportedly includes names, addresses, phone numbers, and various other records, with the threat actor offering it for sale on a dark web forum. Interested buyers are directed to contact the actor via Telegram for purchase arrangements.…

Ransom Monitor

Ransom! FM.GOB.AR

March 3, 2025 Monitorman

Victim: FM.GOB.AR Country : AR Actor: monti Source: http://mblogci3rudehaagbryjznltdp33ojwzkq6hn2pckvjq33rycmzczpid.onion/blog/82b3572f2dadeca89f06a17fd17a8f05f10e23aff09bfc7071d7b6d29e6238e5/ Discovered: 2025-03-02 18:56:09.777931 Published: 2025-03-02 18:28:56.000000 Description : Sure! Here are some key points in English regarding a “Full Leak”: Complete disclosure of sensitive information Can include personal data, financial records, or confidential documents Often results from cybersecurity breaches or insider threats May lead to identity theft or financial fraud Organizations should implement robust security measures to prevent leaks Regular audits and monitoring are essential for data protection Legal consequences may follow for organizations failing to protect data Education and training of staff are critical for minimizing risks

About Country: Argentina (AR)

Argentina has been increasingly attentive to the threats posed by cybercrime, particularly in the realm of cybersecurity.…

Tag: LEAK