Victim: Dona Formosa Country: BR Actor: sarcoma Source: Discovered: 2025-01-16 15:30:20.145034 Published: 2025-01-16 15:30:20.145034 Description: Dona Formosa Since our founding in 1999, we have dedicated our expertise to the manufacturing of dairy products and the distribution of partner brands. Our journey, which began more than two decades ago, continues to be marked by an unwavering commitment to excellence.…
Read More

Victim: JD Lighting Country: AU Actor: sarcoma Source: Discovered: 2025-01-16 12:26:11.453976 Published: 2025-01-16 12:26:11.453976 Description: JD Lighting We are a full service wholesale lighting distributor specializing in Fluorescent, Incandescent, HID, Halogen, CFL and LED light bulbs. We also carry a large range of ballasts and drivers.…
Read More
380,000 Impacted by Data Breach at Cannabis Retailer Stiiizy
Summary: California-based cannabis brand Stiiizy is alerting 380,000 individuals about a data breach that compromised their personal information through a vendor. The breach, which occurred between October 10 and November 10, involved unauthorized access to sensitive data, including government-issued identification details. Stiiizy is offering affected individuals 12 months of free credit monitoring and fraud assistance following the incident.…
Read More
Securonix Threat Labs 2024 Annual Autonomous Threat Sweeper Intelligence Insights
The 2024 Annual Cyber Threat Report reveals a significant increase in cyber threats, including advanced persistent threats (APTs) and evolving tactics used by attackers. Key incidents include the resurgence of LockBit ransomware, exploitation of vulnerabilities in widely-used technologies, and notable data breaches affecting major organizations. Affected: Ivanti Connect Secure, GlobalProtect, CrowdStrike, Snowflake, Palo Alto Networks

Key points:

Emerging threats exploit vulnerabilities in Ivanti Connect Secure and GlobalProtect VPN.…
Read More
Researcher Uncovers Critical Flaws in Multiple Versions of Ivanti Endpoint Manager
Summary: Ivanti has released security updates to address critical vulnerabilities in its Endpoint Manager (EPM), Avalanche, and Application Control Engine, including four critical flaws rated 9.8 on the CVSS scale that could lead to information disclosure. The vulnerabilities, discovered by security researcher Zach Hanley, allow remote unauthenticated attackers to leak sensitive information.…
Read More
Victim: FortiGate users | Price: N/A | Data: VPN credentials, firewall configurations

Key points:

Threat actor: Belsen Group
Number of exposed configurations: over 15,000
Data types leaked: usernames, passwords (some in plain text), device management certificates, complete firewall rule sets
Vulnerability exploited: CVE-2022-40684
Data organization: categorized by country, with individual IP addresses
Potential risks: unauthorized network access and exploitation of sensitive information
Expert confirmation: Kevin Beaumont verified the authenticity of the leaked data

Cybersecurity expert Kevin Beaumont has reported that over 15,000 FortiGate firewall configurations, including VPN credentials, have been publicly leaked by a group calling itself “Belsen Group.”…

Read More
Hackers leak configs and VPN credentials for 15,000 FortiGate devices
Summary: A new hacking group known as the Belsen Group has leaked sensitive configuration files, IP addresses, and VPN credentials for over 15,000 FortiGate devices on the dark web. This data dump, which includes critical technical information, was released to promote the group and is believed to be linked to a previously exploited zero-day vulnerability.…
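The two FortiGate items above say the dump contains full configurations with usernames, passwords (some in plain text), certificates and rule sets. An organisation that finds its own device in the dump needs a fast answer to one question: which credentials are in the file, and which of them are sitting there as literals. The script below is an added example, not code from Kevin Beaumont, Fortinet or the reporting cited here. It walks a FortiOS-style `config`/`edit`/`set`/`next`/`end` structure and lists every credential-bearing `set`, classifying each value as `ENC` (not stored as the literal) or `PLAINTEXT`. The sample configuration and the `ENC` blobs are constructed placeholders, and the list of credential keys is an assumption to extend for your own configs. The point of `rotation_targets` is that the `ENC` prefix does not make a leaked value safe: everything the file carries should be rotated, and the plaintext entries simply go first.

```python
from dataclasses import dataclass

# Constructed FortiOS-style configuration fragment for demonstration only.
# The ENC blobs and account names are placeholders, not data from the leak.
SAMPLE_CONFIG = """\
config system admin
    edit "admin"
        set password ENC SH2placeholderblob==
    next
end
config user local
    edit "vpnuser1"
        set type password
        set passwd ENC SH2placeholderblob2==
    next
    edit "contractor"
        set type password
        set passwd Summer2024!
    next
end
config vpn ipsec phase1-interface
    edit "site-b"
        set remote-gw 203.0.113.10
        set psksecret ENC SH2placeholderblob3==
    next
end
"""

# Keys whose values are credentials in FortiOS configs (assumed list; extend as needed).
CREDENTIAL_KEYS = {"password", "passwd", "psksecret", "private-key", "secret", "key"}


@dataclass(frozen=True)
class Finding:
    section: str   # e.g. "user local" (nested config sections joined with "/")
    obj: str       # the edit "<name>" entry the value belongs to
    key: str
    storage: str   # "ENC": not stored as the literal; "PLAINTEXT": literal value on disk


def scan_fortios_config(text: str) -> list[Finding]:
    """Walk config/edit/set/next/end blocks and collect every credential-bearing 'set'."""
    stack: list[str] = []   # nested 'config' section names
    current_obj = ""
    findings: list[Finding] = []
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("config "):
            stack.append(line[len("config "):])
        elif line == "end":
            if stack:
                stack.pop()
        elif line.startswith("edit "):
            current_obj = line[len("edit "):].strip().strip('"')
        elif line == "next":
            current_obj = ""
        elif line.startswith("set "):
            parts = line.split(None, 2)
            if len(parts) < 3:
                continue
            key, value = parts[1], parts[2]
            if key in CREDENTIAL_KEYS:
                storage = "ENC" if value.startswith("ENC ") else "PLAINTEXT"
                findings.append(Finding("/".join(stack), current_obj, key, storage))
    return findings


def plaintext_findings(findings: list[Finding]) -> list[tuple[str, str, str]]:
    """Credentials present as literals: these are usable by anyone holding the file."""
    return [(f.section, f.obj, f.key) for f in findings if f.storage == "PLAINTEXT"]


def rotation_targets(findings: list[Finding]) -> list[tuple[str, str, str]]:
    """Everything that carried a credential, ENC or not: all of it must be rotated."""
    return sorted({(f.section, f.obj, f.key) for f in findings})


if __name__ == "__main__":
    found = scan_fortios_config(SAMPLE_CONFIG)
    for f in found:
        print(f"{f.storage:9} {f.section:30} {f.obj:12} {f.key}")
    print("plaintext first:", plaintext_findings(found))
    print("rotate all of:  ", rotation_targets(found))
```

Run it against a real exported configuration and the `PLAINTEXT` rows are the immediate rotations; the full `rotation_targets` list is the rest of the incident's to-do list, alongside re-issuing any device certificates and reviewing the leaked rule set for what it tells an attacker about the internal network.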
Read More
University of Oklahoma isolates systems after ‘unusual activity’ on IT network
Summary: The University of Oklahoma is investigating unusual cyber activity on its network after being targeted by a ransomware gang known as Fog, which claims to have stolen 91 GB of sensitive data. The institution has taken measures to isolate affected systems and enhance security. This incident highlights the ongoing threat of ransomware attacks in the education sector, particularly during periods of reduced IT staffing.…
Read More
Malicious Kong Ingress Controller Image Found on DockerHub
Summary: A significant software supply chain compromise was discovered when an attacker replaced the legitimate Kong Ingress Controller v3.4.0 image with a malicious version on DockerHub. The compromised image contained cryptojacking code that made affected systems mine cryptocurrency. The Kong team responded promptly by removing the affected version and releasing a patched version, 3.4.1, to mitigate the issue.…
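The Kong incident above is the canonical argument for pulling images by digest rather than by tag: a tag such as `3.4.0` can be repointed at a different image, whereas a `@sha256:` digest names exactly one image. The script below is an added example, not code from Kong, and it does not reproduce anything about the malicious image. It lints a constructed Kubernetes manifest for every `image:` reference that is not pinned by a digest. The repository name `kong/kubernetes-ingress-controller` is assumed for illustration, and the digest in the sample is a placeholder of the right shape rather than a real image digest.

```python
import re

# Constructed Kubernetes manifest fragment. The repository name is assumed for illustration;
# the sha256 digest is a placeholder of the correct form, not a real image digest.
SAMPLE_MANIFEST = """\
apiVersion: apps/v1
kind: Deployment
metadata:
  name: ingress-kong
spec:
  template:
    spec:
      containers:
        - name: ingress-controller
          image: kong/kubernetes-ingress-controller:3.4.0
          imagePullPolicy: Always
        - name: proxy
          image: kong:3.8@sha256:0000000000000000000000000000000000000000000000000000000000000000
        - name: sidecar
          image: busybox
"""

IMAGE_LINE = re.compile(r"^\s*(?:-\s*)?image:\s*['\"]?([^'\"\s]+)['\"]?\s*$")
DIGEST_RE = re.compile(r"^sha256:[0-9a-f]{64}$")


def parse_image_ref(ref: str) -> dict:
    """Split an image reference into name, tag and digest.

    A colon only separates the tag when it comes after the last slash, so
    registry ports such as localhost:5000/app are not mistaken for tags.
    """
    digest = None
    if "@" in ref:
        ref, digest = ref.split("@", 1)
    name, tag = ref, None
    last_slash = ref.rfind("/")
    colon = ref.rfind(":")
    if colon > last_slash:
        name, tag = ref[:colon], ref[colon + 1:]
    return {"name": name, "tag": tag, "digest": digest}


def lint_manifest(text: str) -> list[tuple[str, str]]:
    """Return (image, problem) for every image reference not pinned by a well-formed digest."""
    problems: list[tuple[str, str]] = []
    for line in text.splitlines():
        m = IMAGE_LINE.match(line)
        if not m:
            continue
        ref = m.group(1)
        parts = parse_image_ref(ref)
        if parts["digest"] is None:
            if parts["tag"] is None:
                problems.append((ref, "no tag or digest: resolves to a mutable 'latest'"))
            else:
                problems.append((ref, f"tag '{parts['tag']}' is mutable; pin with @sha256:<digest>"))
        elif not DIGEST_RE.match(parts["digest"]):
            problems.append((ref, "malformed digest"))
    return problems


if __name__ == "__main__":
    for image, problem in lint_manifest(SAMPLE_MANIFEST):
        print(f"{image}: {problem}")
```

Pin by resolving the digest once from the registry (for example with `crane digest <image:tag>` from go-containerregistry) and committing the `name:tag@sha256:...` form; with a digest in the manifest, a repointed tag on the registry no longer changes what the cluster runs, and the swap described above would have failed to deploy rather than silently mining.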
Read More
Russian espionage and financial theft campaigns have ramped up, Ukraine cyber agency says
Summary: Ukrainian cyber agencies report a rise in sophisticated cyberattacks primarily attributed to three Russia-linked hacker groups targeting government and critical services. The attacks have focused on espionage, financial theft, and psychological warfare, with the most active group being UAC-0010, also known as Gamaredon. Over the past year, Ukraine’s cybersecurity incident response center has addressed over 1,000 incidents, indicating a significant threat to national security.…
Read More
Google OAuth Flaw Lets Buyers of Defunct Startup Domains Take Over Former Employees’ SaaS Accounts
Summary: A vulnerability in Google’s OAuth implementation allows the potential takeover of accounts belonging to former employees of failed startups by purchasing their domains. This could expose sensitive data stored on various SaaS platforms, as the old employee email accounts can be recreated. Truffle Security has identified over 100,000 domains at risk, potentially affecting around 10 million accounts.…
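The mechanism in the summary above is an identity-mapping problem on the relying party's side: whoever buys the lapsed domain can stand up a new Google Workspace on it and recreate the old mailbox, so any SaaS application that keys "Sign in with Google" accounts on the email address (or on the `hd` hosted-domain claim) hands the buyer the former employee's account. Google documents the `sub` claim as the stable per-user identifier, and keying on it is the usual mitigation; whether that suffices in every case is outside what this page states. The simulation below is an added example, not code from Truffle Security or Google. It builds two constructed, unsigned ID tokens with the same email and `hd` but different `sub` values, and shows what a relying party keyed on email does compared with one keyed on `(iss, sub)`. The domain `failed-startup.example`, the client id and the subject values are placeholders.

```python
import base64
import json


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def make_unsigned_id_token(claims: dict) -> str:
    """Constructed, unsigned (alg=none) token used only to exercise the mapping logic."""
    header = _b64url(json.dumps({"alg": "none", "typ": "JWT"}).encode())
    return f"{header}.{_b64url(json.dumps(claims).encode())}."


def payload_claims(token: str) -> dict:
    """Decode the payload segment. A real relying party verifies signature, iss, aud and exp first."""
    seg = token.split(".")[1]
    seg += "=" * (-len(seg) % 4)
    return json.loads(base64.urlsafe_b64decode(seg))


# Claims the original employee's token carried while the startup's Workspace existed (constructed).
EMPLOYEE_CLAIMS = {
    "iss": "https://accounts.google.com",
    "aud": "example-saas-client-id",
    "sub": "100000000000000000001",
    "email": "alice@failed-startup.example",
    "email_verified": True,
    "hd": "failed-startup.example",
}

# Claims after someone buys the lapsed domain, creates a new Workspace and recreates the mailbox:
# same email, same hd, email_verified still true, but a different subject identifier.
BUYER_CLAIMS = dict(EMPLOYEE_CLAIMS, sub="100000000000000000002")


class RelyingParty:
    """Minimal SaaS account store that keys Google identities by email or by (iss, sub)."""

    def __init__(self, key_on: str):
        if key_on not in ("email", "subject"):
            raise ValueError("key_on must be 'email' or 'subject'")
        self.key_on = key_on
        self.accounts: dict = {}
        self.next_id = 1

    def _key(self, claims: dict):
        if self.key_on == "email":
            return claims["email"].lower()
        return (claims["iss"], claims["sub"])

    def login(self, token: str) -> int:
        """Return the internal account id this token lands in, provisioning on first sight."""
        claims = payload_claims(token)
        if claims.get("email_verified") is not True:
            raise PermissionError("unverified email")
        k = self._key(claims)
        if k not in self.accounts:
            self.accounts[k] = self.next_id
            self.next_id += 1
        return self.accounts[k]


def simulate(key_on: str) -> tuple[int, int]:
    """Return (account id seen by the employee, account id seen by the domain buyer)."""
    rp = RelyingParty(key_on)
    first = rp.login(make_unsigned_id_token(EMPLOYEE_CLAIMS))
    later = rp.login(make_unsigned_id_token(BUYER_CLAIMS))
    return first, later


if __name__ == "__main__":
    print("keyed on email:  ", simulate("email"))    # buyer lands in the employee's account
    print("keyed on subject:", simulate("subject"))  # buyer gets a fresh, empty account
```

Note that neither the `email_verified` check nor a check on `hd` helps here, because the buyer's Workspace legitimately owns the domain and both claims are true for the new account; only an identifier that the old Workspace issued and the new one cannot reproduce separates the two logins.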
Read More
Google Cloud Researchers Uncover Flaws in Rsync File Synchronization Tool
Summary: Multiple security vulnerabilities have been found in the Rsync file-synchronizing tool, potentially allowing attackers to execute arbitrary code on connected clients. The vulnerabilities include heap-buffer overflow and information disclosure, among others, posing significant risks to users.

Threat actor: unknown | Victim: rsync users

Key point:

Six vulnerabilities disclosed, including CVE-2024-12084 with a CVSS score of 9.8 for heap-buffer overflow.…
Read More
Microsoft Patch Tuesday January 2025 Security Update Review Qualys ThreatPROTECT
January 2025 brings Microsoft’s first Patch Tuesday of the year, addressing 159 vulnerabilities, including 10 critical and 149 important. Among these, eight zero-day vulnerabilities have been patched, three of them actively exploited. Key updates include fixes for various Microsoft products, notably Windows and Microsoft Office. Affected: Microsoft Windows, Microsoft Office, .NET,…
Read More
Ivanti Patches Critical Vulnerabilities in Endpoint Manager
Summary: Ivanti has released patches for multiple critical and high-severity vulnerabilities in its Avalanche, Application Control Engine, and Endpoint Manager (EPM) products, addressing serious security flaws that could be exploited by remote attackers. The most severe issues include absolute path traversal vulnerabilities in EPM, with a CVSS score of 9.8, and several high-severity flaws in Avalanche and Application Control Engine.…
Read More
RansomHub Ransomware: Darktrace’s Investigation of the Newest Tool in ShadowSyndicate’s Arsenal, by Qing Hong Kwa
Darktrace’s investigation into RansomHub attacks revealed connections to the ShadowSyndicate threat group, which has been active since July 2022. ShadowSyndicate has adopted RansomHub’s ransomware services, leading to a surge in attacks across various sectors in late 2024. The attacks involved complex tactics, including data exfiltration and file encryption, with ransom notes threatening data leaks.…
Read More