Major cybersecurity events on 10th December 2020 (Evening Post): njRAT Trojan operators use Pastebin as alternative to central command server. Leaky Elasticsearch server reveals massive Instagram click farm. Potential Starbucks remote code execution vulnerability uncovered and patched.Continue readingVermont Medical Center attack costs $1.5M a day, Steam flaws let gamers crash opponents’ computers, and more
Tag: Elasticsearch
Major cybersecurity events on 02nd December 2020 (Morning Post): Indian job portal IIMJobs hacked; database leaked online, Malicious NPM packages used to install njRAT remote access trojan, DarkIRC botnet is targeting the critical Oracle WebLogic CVE-2020-14882. Continue readingIndian job portal IIMJobs hacked; database leaked online, Malicious NPM packages used to install njRAT remote access trojan, and more
Major cybersecurity events on 16th November 2020 (Morning Post): Intel fixes a series of bugs that made it possible for attackers to install malicious firmware, Apple has issued multiple security updates, and TroubleGrabber malware targets Discord users.Continue readingHackers attack major Telegram channels, North Face suffers credential stuffing attack, and more
Major cybersecurity events on 7th October 2020 (Morning Post): Chowbus delivery service breached, hacker emails data to users. Ransomware attack on health tech firm disrupted COVID-19 medical trials. PoetRAT malware targets public and private sector in Azerbaijan.Continue readingGitLab patches Elasticsearch data leak bug, Canada bombarded with COVID-themed cyber attacks, and more
Major cybersecurity events on 5th October 2020 (Morning Post): University Hospital New Jersey pays ransom of $670K to prevent publishing of 240GB data. Egregor ransomware threatens a mass-media release of victims’ corporate data. Emotet malware interferes in the 2020 US Presidential Election. Continue readingH&M charged with €35.2m fine for GDPR violations, 2 million Edureka users’ data exposed in data breach, and more
Major cybersecurity events on 28th September 2020 (Evening Post): Hacker (m1gh7yh4ck3r) uploads PDF documents to WHO, UNESCO websites. REvil ransomware deposits $1 million in Bitcoins for hacker recruitment drive. FinCEN outlines world’s biggest banks embezzle trillions for terrorists and drug cartels.Continue readingBrandBQ exposes 7 million customer records, Town Sports leaks personal data of 600,000 customers, and more
Major cybersecurity events on 23rd September 2020 (Evening Post): OldGremlin hacking group strikes Russian companies with ransomware. New Zebrocy campaign, associated with Russian state-linked threat actor APT28, targets countries affiliated with NATO.Continue readingFBI warns over election disinformation campaign, Indian COVID-19 monitoring tool exposes 8M users data, and more
Major cybersecurity events on 15th September 2020 (Evening Post): 97% of cybersecurity companies reportedly leaked data on dark web. Mailfire exposes 320 million users records of 70 dating, e-commerce sites. Bug in Joe Biden’s campaign app allows access to millions of voter files. Continue readingDaimler settles US emission charges for $1.5B, SunCrypt ransomware targets University Hospital NJ, and more
Major cybersecurity events on 14th September 2020 (Evening Post): US citizen charged with running a diamond and cryptocurrency-based Ponzi scheme. Vulnerabilities expose thousands of MobileIron servers to remote attacks. Zerologon attack lets hackers take over enterprise networks.Continue readingMisconfigured Elasticsearch leaks 882GB user data, Indian orgs. report highest cyberattacks after US, and more
Major cybersecurity events on 14th September 2020 (Morning Post): 3.4 million patient data breached in Blackbaud ransomware incident, states interim report. New Twitter phishing scam steals login credentials of unsuspecting users. Development Bank of Seychelles hit by ransomware attack.Continue readingRyuk targets US court with the Conti strain, Zoom adds and extra layer of security: 2FA, and more