The Medusa ransomware group has claimed to have breached multiple international companies and is threatening to release their stolen data unless ransom demands are met. The leaked data includes sensitive corporate information from companies across different industries and countries. #MedusaRansomware #DataLeak #CyberThreats…
Tag: DARK WEB
A China-backed APT (Flax Typhoon) maintained year-long access to an ArcGIS environment by converting a legitimate Java Server Object Extension (SOE) into a hardcoded-key gated web shell and embedding it in backups to survive recovery. The intruders also deployed a renamed SoftEther VPN executable as a service for persistent C2 and lateral access. #FlaxTyphoon #ArcGIS
The Obscura ransomware group has taken responsibility for a cyberattack on Michigan City, Indiana, impacting data and municipal services. The group exfiltrated 450 GB of data and publicly released it after failed negotiations. #Obscura #IndianaCity #DarkWebLeak #RansomwareAttack…
The Akira ransomware group has claimed responsibility for breaching multiple U.S. companies, stealing and threatening to leak sensitive data. Their tactics include double extortion, exfiltrating large volumes of data to pressure victims into paying ransoms. #AkiraRansomware #DataLeak…
The FBI and international law enforcement have taken control of the BreachForums domain, disrupting the cybercrime operation run by ShinyHunters. Despite the seizure, the hackers claim their campaign targeting Salesforce remains unaffected, revealing widespread data breaches of major corporations. #ShinyHunters #BreachForums
A threat actor has breached Creatorlink, a South Korean website builder, and is selling the stolen database on the dark web. The compromised data includes personal details, technical activity, and platform-specific information of over 575,000 users. #Creatorlink #DarkWeb #DataBreach #UserData…
A threat actor has claimed to have compromised and is selling the migration database of Migración Colombia on a dark web forum, containing about 1.5 million records. The exposed data includes sensitive personal information such as full names, addresses, and DNI numbers. #MigraciónColombia #DarkWebBreach…
Rothmans, a threat actor, is allegedly selling a leaked customer database from Accord Bank Ukraine. The compromised data includes sensitive personal information from the bank’s customers. #Rothmans #AccordBankUkraine…
The KFC Venezuela customer and order database is allegedly being offered for sale on the dark web. This incident highlights potential risks of data breaches affecting customer privacy and business operations. #KFCVenezuela #DataLeakage…
Telstra denies any recent data breach, asserting that the compromised data was scraped from public sources and not from its internal systems. However, threat actors claiming to have access to over 19 million PII records continue to threaten and list Telstra among their victims. #ScatteredSpider #Lapsus$Hunters…
Two teenagers in the UK were arrested following a ransomware attack that led to the doxing of over 1,000 children associated with the Kido nursery chain. The incident involved data theft and extortion attempts, and highlighted ongoing concerns about cyber threats targeting sensitive information. #RadiantGroup #KidoNursery
Western Sydney University has been targeted by a scam involving fraudulent emails falsely claiming student exclusions and revoked degrees. The incident has caused confusion among students, prompting university and police investigations. #WesternSydneyUniversity #PhishingEmails…
Attackers are commoditizing the ClickFix social-engineering technique into phishing kits like the IUAM ClickFix Generator to automate creation of spoofed browser-verification pages that trick victims into manually executing malware. Observed campaigns delivered DeerStealer and Odyssey infostealer using clipboard-injection and OS-detection features from hosted phishing pages. #IUAM_ClickFix_Generator #DeerStealer #Odyssey…
The Akira ransomware group has claimed to have breached multiple organizations, exfiltrating sensitive data and threatening its release. Victims include Cerenade Technology, Harbor Diesel & Equipment, and J. Lorber Company, with compromised data spanning personal, financial, and corporate information. #AkiraRansomware #DataLeakage #CyberThreats…
Avnet experienced a data breach involving the theft of 7 to 12TB of data stored on an external cloud service, although most of it remains unreadable without proprietary tools. The company quickly responded by rotating secrets in its Azure/Databricks environments and reports that the breach was limited to a single system in the EMEA region. #Avnet #Cyberattack #DarkWeb #DataLeak #EMEARegion