GokuMarket, a centralized crypto exchange owned by ByteX, left an open instance, revealing the details of virtually all of its users, the Cybernews research team has discovered. The leak comes after the team discovered an unprotected MongoDB instance, which stored…
Tag: Security Affairs
BianLian, White Rabbit, and Mario Ransomware Gangs Spotted in a Joint Campaign
Resecurity has uncovered a meaningful link between three major ransomware groups, BianLian, White Rabbit, and Mario Ransomware. Based on a recent Digital Forensics & Incident Response (DFIR) engagement with a law enforcement agency (LEA) and one of the leading investment…
Idaho National Laboratory data breach impacted 45,047 individuals
The Idaho National Laboratory (INL) announced that it has suffered a data breach impacting more than 45,000 individuals. In November, the hacktivist group SiegedSec claimed responsibility for the hack of The Idaho National Laboratory (INL) and leaked stolen human resources data.…
Ubiquiti users claim to have access to other people’s devices
Users of Ubiquiti WiFi products started reporting that they are accessing other people’s devices when logging into their accounts. Some users of Ubiquiti wifi products started reporting unexpected access to security camera footage, photos, and other devices upon logging into…
Russia-linked APT29 spotted targeting JetBrains TeamCity servers
Russia-linked cyber espionage group APT29 has been targeting JetBrains TeamCity servers since September 2023. Experts warn that the Russia-linked APT29 group has been observed targeting JetBrains TeamCity servers to gain initial access to the targets’ networks. The APT29 group (aka SVR…
Microsoft seized the US infrastructure of the Storm-1152 cybercrime group
Microsoft’s Digital Crimes Unit seized multiple domains used by cybercrime group Storm-1152 to sell fraudulent Outlook accounts. Microsoft’s Digital Crimes Unit seized multiple domains used by a cybercrime group, tracked as Storm-1152, to sell fraudulent accounts. Storm-1152 operates illicit websites…
French authorities arrested a Russian national for his role in the Hive ransomware operation
French police arrested a Russian national who is suspected of laundering money resulting from the criminal activity of the Hive ransomware gang. The French authorities arrested in Paris a Russian national who is suspected of laundering criminal proceeds for the…
China-linked APT Volt Typhoon linked to KV-Botnet
Researchers linked a sophisticated botnet, tracked as KV-Botnet, to the operation of the China-linked threat actor Volt Typhoon. The Black Lotus Labs team at Lumen Technologies linked a small office/home office (SOHO) router botnet, tracked as KV-Botnet to the operations…
UK Home Office is ignoring the risk of ‘catastrophic ransomware attacks,’ report warns
A Joint Committee on the National Security Strategy (JCNSS) warns of the high risk of a catastrophic ransomware attack on the UK government. The British government is accused of failing to mitigate the risk of ransomware attacks. According to a…
OAuth apps used in cryptocurrency mining, phishing campaigns, and BEC attacks
Microsoft warns that threat actors are using OAuth applications cryptocurrency mining campaigns and phishing attacks. Threat actors are using OAuth applications such as an automation tool in cryptocurrency mining campaigns and other financially motivated attacks. The attackers compromise user accounts…