Daily Cyber Brief
The IRGC is exploiting Log4j vulnerabilities in ransomware attacks, NK hackers are using a trojanized version of the PuTTY client, and a hacker is selling the data of 219K Starbucks customers...

Cybersecurity
Uber suffered a cyberattack Thursday afternoon in which a hacker, allegedly 18 years old, downloaded HackerOne vulnerability reports and shared screenshots of the company's internal systems, email dashboard, and Slack server. The screenshots shared by the hacker…
What just happened? What is allegedly a massive leak of GTA 6 content, including dozens of test build videos and screenshots, has been posted by the 18-year-old hacker claiming to be behind the recent Uber breach. Whether they are legitimate is still open to debate, but a lot…
When Belarusian activist Yuliana Shemetovets was offered a job as the spokesperson of the Belarusian Cyber Partisans hacktivist group, she didn’t rush to accept it. “To be honest, I was scared,” she told The Record. She had reasons to be. Belarus is an authoritarian state in…
Threat analysts at AquaSec have spotted signs of TeamTNT activity on their honeypots since early September, leading them to believe the notorious hacking group is back in action. TeamTNT announced it was quitting back in November 2021, and indeed, most associated…
Cybersecurity agencies in the US, UK, Australia and Canada have warned that Iranian state-sponsored hackers are exploiting Log4j vulnerabilities in ransomware campaigns. An alert published this week said Tehran’s Islamic Revolutionary Guard Corps (IRGC) was behind…
While monitoring the Emotet botnet's current activity, security researchers found that the Quantum and BlackCat ransomware gangs are now using the malware to deploy their payloads. This is an interesting development given that the Conti cybercrime syndicate was…
Cybersecurity researchers have exposed new connections between a widely used pay-per-install (PPI) malware service known as PrivateLoader and another PPI platform offered by a cybercriminal actor dubbed ruzki. "The threat actor ruzki (aka les0k, zhigalsz)…
Empress EMS (Emergency Medical Services), a New York-based emergency response and ambulance service provider, has disclosed a data breach that exposed customer information. According to the notification, the company suffered a ransomware attack on July 14, 2022…
The Singapore division of Starbucks, the popular American coffeehouse chain, has admitted that it suffered a data breach incident impacting over 219,000 of its customers. The first clue that they were breached came on September 10, when a threat actor offered to sell a…
A threat with a North Korea nexus has been found leveraging a "novel spear phish methodology" that involves making use of trojanized versions of the PuTTY SSH and Telnet client. Google-owned threat intelligence firm Mandiant attributed the new campaign to an…