Author: Cybersecurity Analyst
-
Zimbra mail client critical bug allows stealing email logins
Zimbra E-Mail client vulnerability is as severe as it gets. Technical details have emerged on a highly severe vulnerability affecting certain versions of the Zimbra email server provider. Hackers might have exploited this bug to steal logins without authentication or any user interaction. The security issue is tracked as CVE-2022-27924 and impacts Zimbra releases 8.8.x and 9.x…
-
Beware of Phishing: cybercriminals now use chatbots
The darknet has a new playground: Phishing with chatbots. Phishing attacks are now using automated chatbots to guide visitors through the process of handing over their login credentials to threat actors. This approach automates the process for attackers and gives a sense of legitimacy to visitors of the malicious sites, as chatbots are commonly found on websites…
-
Novartis experienced a cyber attack
On February 25, pharmaceutical giant Novartis was attacked by the Industrial Spy hacking group. The company says no sensitive data was compromised during the incident. Industrial Spy is a hacking group that runs an extortion marketplace where they sell data stolen from compromised organizations. On June 2, the hacking group began selling data allegedly…
-
Cl0p Ransomware back online, 21 victims in a month
After shutting down their entire operation for several months, between November and February, the Cl0p ransomware is now back. The surge in activity was noticed after the ransomware group added 21 new victims to their data leak site within the single month of April. Cl0p has become very active compared with its own past activity.…
-
General Motors suffered from credential stuffing
On May 23, it was disclosed that car manufacturer General Motors was the victim of a credential stuffing attack last month that exposed some customers’ information and allowed hackers to redeem rewards points for gift cards. General Motors runs its own online platform for car owners to facilitate car and accessories management. Credential stuffing is…
-
Nikkei’s Asian headquarters hit by ransomware
Media giant Nikkei disclosed that the group’s headquarters in Singapore was hit by a ransomware attack on May 13, 2022. “Unauthorized access to the server was first detected on May 13, prompting an internal probe,” the company revealed in a press release published on Thursday. “Nikkei Group Asia immediately shut down the affected server and…
-
Domain Transfer
We’re transferring our domains to another domain registrar. This may temporarily affect system availability and make some systems unable to resolve until DNS records are refreshed globally. If you find that our UI or API domain no longer resolves, and you have some urgent work to do, please contact…
-
21M SuperVPN, GeckoVPN users data leaked on Telegram
Earlier this month we detected several Telegram channels that share various data breaches with their followers. This time, a database containing 10GB worth of data from companies like SuperVPN, GeckoVPN, and ChatVPN has been shared online and is now available to anyone for download. On May 4th, 2022, a database containing the personal details and…
-
Heroku confirms its data breach
On May 5, Heroku, a platform as a service (PaaS) that enables developers to build, run, and operate applications entirely in the cloud, confirmed its data breach. Heroku revealed that hackers used stolen GitHub integration OAuth tokens in order to exfiltrate customers’ hashed and salted passwords from an internal customer database. This week, Heroku started performing forced password resets…
-
Popular ransomware bugs allow blocking encryption
Hackers are known to exploit vulnerabilities to gain access to databases and companies’ files. This time, though, a researcher has found a bug in ransomware that makes it possible to prevent encryption. “Popular” ransomware strains, like Conti, the revived REvil, the newcomer Black Basta, the highly active LockBit, or AvosLocker, all came with security issues that could be…