The Cactus ransomware group has targeted DRM Arby’s (drmarbys.com) in their latest attack, adding to the list of victims. Founded in 1977 by Dean Johnson, DRM operates 73 Arby’s Restaurants across four states, generating a substantial revenue of $266.6 million. However, this family-owned company now faces a severe breach as the…
Category: Cyber Attack
In April 2024, T2, officially registered as Tea Too, a renowned chain of specialty tea shops with establishments across Australia, Singapore, and New Zealand, experienced a data breach. Allegedly, the breach compromised a total of 85,981 unique email accounts. The breached data includes various personal details such as emails, names, phone…
In a recent announcement, the notorious group SixtySixSlavs claims to have breached the National Energy Research Scientific Computing Center (NERSC), a facility owned and funded by the U.S. Department of Energy. Alongside this breach, they also mention targeting a lesser-known Indonesian entity, specifically the website of iainkediri.ac.id. Expressing their disdain for…
In April 2024, approximately 20,000 rows of data belonging to the retail company Kameymall were reportedly posted on a prominent hacking forum. The data breach is said to have occurred through the exploitation of several critical vulnerabilities. The compromised data includes various fields such as ID, member level ID, username, password,…
Security researchers Fabian Bäumer and Marcus Brinkmann from Ruhr University Bochum have identified a severe security flaw (CVE-2024-31497) in the popular SSH client PuTTY, affecting versions 0.68 to 0.80. This vulnerability extends to various software like FileZilla, WinSCP, TortoiseGit, and TortoiseSVN, compromising private keys used in the ECDSA algorithm with the…
Allegedly, threat actors claim to have successfully penetrated the systems of Efrat Airlines, gaining access to the database of their critical systems. The compromised data includes a wide array of sensitive information, ranging from the company’s clients and contact details to payment information, with fields such as “first name”, “last name”, “address”,…
BreachForums’ website on the clearnet is presently offline and has been inaccessible for an extended duration. Regarding the recent suspension of the BreachForums domain, Baphomet, the administrator of the platform, has issued a statement addressing the situation. Baphomet announced a temporary domain, breachforums[.]st, after the suspension of the previous domain (.cx)….
In a concerning development, a threat actor has surfaced, asserting the availability of unauthorized access to the RDP of a prominent Iranian Pipeline / Petrol / Chemicals / Logistics Company. The threat actor does not provide information about the company’s valuation. However, it is claimed that access to the accounts of 35+ domain…
Cisco Duo warns that a data breach involving one of its telephony suppliers exposed multifactor authentication (MFA) messages sent by the company via SMS and VOIP to its customers…
On April 15th, 2024, Blooms Today, a leading flower and gift delivery service, allegedly fell victim to a significant data breach, with a threat actor claiming to possess over 15 million records stored in CSV format. The compromised data includes a wide array of sensitive information, ranging from customer identifiers and…
In a recent development, the PHP development team has unveiled a series of critical security vulnerabilities that pose significant risks to web applications and systems powered by PHP, emphasizing the urgent need for proactive measures to mitigate potential exploits and safeguard digital assets. These vulnerabilities, encompassing arbitrary command injection, authentication bypass,…
A threat actor has reportedly announced the sale of a database associated with Curva, a prominent e-commerce platform based in Egypt. Curva is an Egyptian sportswear brand providing a variety of products available in a wide price range. According to the claims, this database, totaling 2GB in size, encompasses extensive information…
SN_Blackmeta has claimed responsibility for orchestrating a large-scale cyber attack against the infrastructure of Orange Israel, a telecommunications behemoth renowned globally for its expansive array of services encompassing mobile, internet, TV, and digital solutions. Established in 1999 as part of the esteemed Orange Group, Orange Israel has remained steadfast in providing…
A threat actor, IntelBroker, has purportedly leaked the database of Space-Eyes, a provider of on-demand tasking to a Synthetic Aperture Radar satellite. Their services, which integrate collections across all weather and lighting conditions with contextual data, are primarily focused on analyzing threats in the maritime domain. The breach, allegedly occurring in…