The Cactus ransomware group has allegedly struck again, announcing three high-profile victims in their latest series of attacks. The targeted companies span across the United States, Denmark, and Italy, with substantial ransom demands and significant data breaches. Reawire.com (USA) Reawire is one of the world’s largest manufacturers of magnet and nonferrous…
Category: Cyber Attack
A threat actor, IntelBroker,Β claims to be selling data obtained from a June 2024 breach of AMD, a major player in the computing industry. The compromised data reportedly includes a wide array of sensitive information, ranging from future product details to employee and customer databases. The alleged breach encompasses information on…
Printed circuit board assembly (PCBA) manufacturer Keytronic disclosed a data breach after a ransomware attack. Keytronic has confirmed a data breach after a ransomware group leaked allegedly stolen personal information from its systems. The company did not provide any info on the ransomware operation that hit its network, however Black Basta…
In a new cyber security incident, a threat actor has announced the sale of a zero-day Remote Code Execution (RCE) exploit targeting Atlassian’s Jira. This exploit allegedly works on the latest version of the Jira desktop app, as well as Jira integrated with Confluence, without requiring any login credentials. Additionally, it…
A threat actor is reportedly selling unauthorized administrative access to a SolarWinds Orion account used by a major telecommunications company, revenue $350 Billion, in Latin America. This access allegedly manages around 200 customers, including banks, trust funds, and petroleum stations. The access being sold comes with full admin privileges, enabling the…
An alleged data breach involving Maxicare Philippines has been identified by the Deep Web Konek Team. The breach, carried out by a threat actor known as “OPCODE-90,” resulted in the unauthorized scraping of authenticated data.
The renowned French fashion brand Zadig & Voltaire has suffered a data breach, exposing 587,000 unique email addresses. The popular data breach notification service Have I Been Pwned confirmed the breach via a tweet on its official account. New breach: Zadig & Voltaire had 587k unique email…
The County of Los Angelesβ Department of Public Health (DPH) disclosed a data breach that impacted more than 200,000 individuals. The LA Countyβs Department of Public Health announced that the personal information of more than 200,000 was compromised after a data breach that occurred between February 19 and February 20, 2024….
A threat actor has announced the sale of an exploit for CVE-2024-30078, a Remote Code Execution (RCE) vulnerability in the WiFi driver affecting all Windows Vista and later devices. In their announcement, the threat actor details that the exploit allows for remote code execution over WiFi, leveraging compromised access points or…
A threat actor has purportedly advertised the sale of access to a European biomedical company that holds contracts with entities in the United States. The offer includes access to approximately 6 terabytes of data belonging to the company. In their announcement, the threat actor clarifies that they are selling access to…
A threat actor has announced the sale of a 0day vulnerability for Dahua cameras, which is claimed to be compatible with all versions of the device. In their announcement, the threat actor describes the vulnerability as a Remote Code Execution (RCE) exploit that allows unrestricted access to all functions of the…
A threat actor has announced that they are selling a database containing information on over 49,000 members and partners of NATO, alongside classified documents and technical reports. The threat actor’s claims were made in an online post. According to the post, the documents include various security classifications: NATO Restricted (NR) NATO…
A threat actor has announced the sale of a highly sophisticated Android Remote Code Execution (RCE) exploit. The exploit is purportedly a zero-click type, meaning it requires no interaction from the target to execute, significantly increasing its potential threat. The details of the announcement are as follows: Exploit Type: Zero-click Price:…
Ph1ns claimed responsibility which he has access to approximately 91 gigabytes of data from MARINA’s servers and exfiltrating about 20 gigabytes, including operational and administrative information vital to maritime operations. This compromised data encompasses detailed information such as principal names, company details, ship specifications (including official numbers and tonnage), and other critical maritime records stored in MARINA’s database
A threat actor has surfaced, claiming to sell unauthorized access to a vast array of companies, predominantly based in the United States. This alarming claim was made public through an announcement detailing the extensive range of access being offered. According to the threat actor, they have breached a contracting company that…