Category

Policy Enforcement

Policy Enforcement page 1

vendor supply chain knowledge gap third-party risk assessment

Third-party cyber risk, The vendor supply chain knowledge gap

The recent SolarWinds cyberattack exposed a third-party supply chain weakness using exploitable vulnerabilities on other widely distributed and implemented software and system offerings available in the market. Still, many enterprises have little insight into the set of suppliers currently being used in their infrastructure systems. Based on a survey conducted by BlueVoyant, out of 1,500...
Continue Reading
iobit ransomware DeroHe vulnerability brand abuse

IOBit group forum hacked to spread ransomware to members

New player ransomware – DeroHe has recently added to their victim an established computer utility developer on their list. Their recent victim is the IOBit company that started in 2004, developing various applications that focus on computer optimization and virus/malware protection.  According to the report, the attack was orchestrated to the group forum of IOBit...
Continue Reading
hackney council UK London Compromised Data Stolen Data Published Pysa

Data Stolen from Hackney Council in London published online

Hackney Council in the United Kingdom allegedly has their sensitive private data stolen and published online three months after the reported serious ransomware attack that they encountered last October 2020 which have affected their IT systems and network.   The publishing of the stolen data has been claimed by a cyber-crime group known as Pysa/Mespinoza. They had...
Continue Reading
7 Million Indian Credit Debit Card Data Leak Dark Web

Credit and debit card data leak of 7 million Indian in the Dark Web

The current trend in the dark web highlighted data leak of almost 7 million Indian cardholders’ sensitive information that has been discovered for public view. Based on different cybersecurity organizations’ testimony on the leaked database, they confirmed that the data is as large as 2 GB and includes PAN numbers sold off in the dark...
Continue Reading
solarwinds orion github passwordl eak CozyBear APT

SolarWinds’ Orion platform Github password leak

The Cybercommunity is currently in chaos as Solarwinds, developer of network management software has confirmed that their sophisticated Orion IT software has been compromised and affected system access was sold off in the underground forum of hackers. The latest report told the 18,000 companies out of 300,000 have been affected by such intrusion. The magnitude...
Continue Reading
google outage operation aurora DDOS china

Google outage a throw back to the sponsored hackers in China: Operation Aurora

A few days passed; the cyber community again experienced another worldwide Distributed-Denial-of-Service (DDoS) that hits one of the tech giant service providers. With billions of users, Google has been struck by such attacks that led to most of its services – Gmail, Calendar, and Youtube have been inaccessible for a few hours. Based on the...
Continue Reading
botnet hackers unsecured ENV files internet

Botnets being used by Hackers to scan The Internet for Unsecured ENV Files

Moving stealthily in the background, several hackers have been scouring the internet in a vast and massive search campaign that started probably 3-years ago. The targets of their search campaign are the exposed and unprotected ENV files on multiple web servers worldwide. ENV files (environment files) are data files used by an operating system on...
Continue Reading
Prestige Software data leak misconfigured storage

Prestige Software hotel reservation system Data Leak

Approximately a whopping 25 GB of sensitive personal information was leaked on the net from a misconfigured AWS S3 bucket of Prestige Software. The company is based in Barcelona, Spain that caters to software-based solutions mostly for Cloud Hospitality. The company’s few well-known clients are Expedia, Amadeus, Booking.com, Hotels.com, Agoda, Omnibees, and other similar businesses...
Continue Reading
hospitals healthcare ryuk trickbot ransomware malware trojan

Hospitals still targeted by the Ryuk Trickbot Ransomware

With the ongoing battle with the Covid-19 pandemic, so is the exploitation of many health institutions being compromised by many adversaries. On the recently submitted report, which is based on the collaborative investigation performed by Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation, and Department of Health and Human Services of the United...
Continue Reading
iranian hackers US voter's data hacking FBI

State-sponsored Iranian Hackers infiltrated and stole US Voter’s Data

A recent advisory from the United States Cybersecurity Agency reveals another alarming incident related to US election activities. It was known that a group of Iranian hackers infiltrated and accessed a large number of US voters’ registration information and attempted to access similar contents from other states. According to undisclosed sources, the attacks were coordinated,...
Continue Reading
1 2 3 6