Ivanti Patches Critical Vulnerabilities in Endpoint Manager
Summary: Ivanti has released patches for multiple critical and high-severity vulnerabilities in its Avalanche, Application Control Engine, and Endpoint Manager (EPM) products, addressing serious security flaws that could be exploited by remote attackers. The most severe issues include absolute path traversal vulnerabilities in EPM, with a CVSS score of 9.8, and several high-severity flaws in Avalanche and Application Control Engine.…
Campaign Trail | RansomHub Ransomware: Darktrace’s Investigation of the Newest Tool in ShadowSyndicate’s Arsenal, by Qing Hong Kwa
Darktrace’s investigation into RansomHub attacks revealed connections to the ShadowSyndicate threat group, which has been active since July 2022. ShadowSyndicate has adopted RansomHub’s ransomware services, leading to a surge in attacks across various sectors in late 2024. The attacks involved complex tactics, including data exfiltration and file encryption, with ransom notes threatening data leaks.…
Pitango6 Database Breach Raises Data Privacy Issues in Israel
Victim: Pitango6
Price: Not disclosed
Exfiltrated Data Type: Sensitive user information

Key Points:

Reported data breach involving Pitango6.co.il. Potential compromise of sensitive user information. Significant concerns about user privacy and data security. Highlights the need for robust cybersecurity measures. Risks include identity theft and unauthorized data usage.…

Victim: Boart & Wire
Country: TW
Actor: sarcoma
Source:
Discovered: 2025-01-14 18:34:27.291312
Published: 2025-01-14 18:34:27.291312
Description: BOART & WIRE is a worldwide leader in manufacturing and marketing of diamond wires, discs and blades. The company was established in Fara Vicentino (VI) in 2005 and within a few years, it has been able to interpret the needs of the stone industry, thanks largely to the significant investment in innovative research and development.…
4 Reasons Your SaaS Attack Surface Can No Longer be Ignored
Summary: The increasing prevalence of SaaS applications introduces significant identity, data security, and third-party risks, which are exacerbated by SaaS sprawl. Organizations must prioritize securing their SaaS attack surface in 2025 to mitigate these vulnerabilities effectively.

Threat Actor: Cybercriminals
Victim: Organizations using SaaS

Key Point:

Modern work heavily relies on SaaS, leading to rapid account creation and an expanded attack surface.…
Lebanese Intelligence Database Breach Raises Security Issues
Victim: Lebanese Intelligence Database
Price: Not disclosed
Exfiltrated Data Type: Personal details of individuals associated with ISIS organizers

Key Points:

Potential data breach involving a Lebanese intelligence database. Database allegedly contains sensitive information about ISIS organizers. Could have serious implications for national security and counter-terrorism operations.…
Extensive Personal Data Leak in France
Victim: France
Price: Not disclosed
Exfiltrated Data Type: Personal Information

Key Points:

Extensive database containing personal information of individuals in France. Leaked data includes names, phone numbers, email addresses, postal addresses, and postal codes. Significant risks include identity theft, phishing attacks, and unauthorized access to sensitive accounts.…

Victim: Delap & Waller
Country: GB
Actor: lynx
Source: http://lynxblog.net/leaks/6785493e05a779c3d3cd81e1
Discovered: 2025-01-13 19:21:50.426166
Published: 2025-01-13 19:20:41.853372
Description: We have 300+GB of data leaked from network.

Data Leak Overview

Recently, a significant data leak has come to light, involving 300+GB of sensitive information.…
RST TI Report Digest: January 13, 2025
This week’s threat intelligence report from RST Cloud highlights significant cyber threats from various actors, including the Chinese state-sponsored group RedDelta targeting Mongolia, Taiwan, and Southeast Asia, as well as the emergence of new malware like Banshee and the Gayfemboy botnet. The report summarizes key findings from 29 threat intelligence reports, detailing tactics, techniques, and procedures (TTPs) used in these attacks, and includes numerous indicators of compromise (IoCs).…
Expired Domains Allowed Control Over 4,000 Backdoors on Compromised Systems
Summary: A cybersecurity operation by watchTowr Labs has successfully hijacked over 4,000 unique web backdoors by taking control of abandoned domains, allowing them to track compromised systems and potentially commandeer them. This initiative highlights vulnerabilities in the infrastructure used by various threat actors, revealing significant oversight in their operations.…
ZACROS Corporation Shares Update on Personal Information Leak After Ransomware Attack
Victim: ZACROS Corporation
Price: Not disclosed
Exfiltrated Data Type: Personal information

Key Points:

Ransomware attack detected on September 27, 2024. Personal data of approximately 157,203 individuals leaked. Data includes information of 143,718 business partners and related parties. Leaked employee data includes basic pension numbers and insurance details.…

Summary: The video discusses serious security breaches and privacy concerns within major tech platforms and services. Key topics include a hacking incident involving Gravy Analytics, Telegram’s increased user data disclosures, and Apple’s near admission of Siri recording private conversations for targeted advertising.

Key Points:

Hackers breached Gravy Analytics, a location data broker selling user coordinates to various third parties.…