Okta reveals additional attackers’ activities in October 2023 Breach

Cloud identity and access management solutions provider Okta revealed additional threat actor activity linked to the October 2023 breach.

Okta provided additional details about the October 2023 breach and revealed additional threat actor malicious activities.

In October, the Cloud identity …

International police operation dismantled a prominent Ukraine-based Ransomware group

An international law enforcement operation dismantled the core of a ransomware group operating from Ukraine.

A joint law enforcement operation led by Europol and Eurojust, with the support of the police from seven nations, has arrested in Ukraine the core …

Daixin Team group claimed the hack of North Texas Municipal Water District

The Daixin Team group claims to have hacked the North Texas Municipal Water District (US) and threatened to leak the stolen data.

The North Texas Municipal Water District (NTMWD) is a regional water district that provides wholesale water, wastewater treatment, …

Healthcare provider Ardent Health Services disclosed a ransomware attack

The US Healthcare provider Ardent Health Services disclosed that it was the victim of a ransomware attack last week.

Ardent Health Services is a healthcare company that operates hospitals and other medical facilities in the United States. It is a …

Security Affairs newsletter Round 447 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Rhysida

Rhysida ransomware gang claimed China Energy hack

The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation.

The Rhysida ransomware gang added the China Energy Engineering Corporation to the list of victims on its Tor leak site.

ClearFake campaign spreads macOS AMOS information stealer

Threat actors spread Atomic Stealer (AMOS) macOS information stealer via a bogus web browser update as part of the ClearFake campaign.

Atomic Stealer (AMOS) macOS information stealer is now being delivered via a fake browser update chain tracked as ClearFake, …

Welltok data breach impacted 8.5 million patients in the U.S.

Healthcare services provider Welltok disclosed a data breach that impacted nearly 8.5 million patients in the U.S.

Welltok is a company that specializes in health optimization solutions. It provides a platform that leverages data-driven insights to engage individuals in their …

Automotive parts giant AutoZone disclosed data breach after MOVEit hack

American retailer and distributor of automotive parts and accessories AutoZone discloses a data breach after a MOVEit attack.

AutoZone is an American retailer and distributor of automotive parts and accessories. The company is one of the largest aftermarket automotive parts …

New InfectedSlurs Mirai-based botnet exploits two zero-days

Mirai-based botnet InfectedSlurs has been spotted exploiting two zero-day RCE flaws to compromise routers and video recorder (NVR) devices.

Akamai discovered a new Mirai-based DDoS botnet, named InfectedSlurs, actively exploiting two zero-day vulnerabilities to infect routers and video recorder (NVR) …

Tor Project removed several relays associated with a suspicious cryptocurrency scheme

The Tor Project removed several relays that were used as part of a cryptocurrency scheme and represented a threat to the users. 

The Tor Project announced the removal of multiple network relays that were involved in a cryptocurrency scheme.

A …

Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors.

The Carbon Black Managed Detection & Response team is warning of a surge in the number of new infections related to NetSupport RAT in …

Canadian government impacted by data breaches of two of its contractors

The Canadian government discloses a data breach after threat actors hacked two of its contractors. 

The Canadian government declared that two of its contractors, Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & Moving Services, have been hacked, resulting in …

Rhysida ransomware gang is auctioning data stolen from the British Library

The Rhysida ransomware group claimed responsibility for the recent cyberattack on the British Library that has caused a major IT outage.

The Rhysida ransomware gang added the British Library to the list of victims on its Tor leak site. The …

US teenager pleads guilty to his role in credential stuffing attack on a betting site

US teenager Joseph Garrison pleads guilty to carrying out a credential stuffing attack on a betting website.

US teenager Joseph Garrison (19) has pleaded guilty to his involvement in a credential stuffing campaign that targeted user accounts at a fantasy …

Security Affairs newsletter Round 446 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Israeli

8Base ransomware operators use a new variant of the Phobos ransomware

8Base ransomware operators were observed using a variant of the Phobos ransomware in a recent wave of attacks.

Cisco Talos researchers observed 8Base ransomware operators using a variant of the Phobos ransomware in recent attacks.

Phobos variants are usually distributed …
