Author: Cybersecurity Analyst
-
REvil ransomware is back?
Back in January 2022 we were writing that REvil ransomware servers were seized by FBI and some of cyber criminals behind it have been arrested. However, less than four months later ransomware’s Tor page, “Happy blog”, came back to life. More surprisingly, REvil posted information about new victims: Visotec Group and Oil-india.com. It’s unclear whether…
-
BlackCat ransomware hits 60 entities worldwide
Relatively new ransomware, called Black Cat, has reportedly breached 60 different companies around the globe. The Federal Bureau of Investigation (FBI) has released a white flash report concerning BlackCat, also known as ALPHV. It is known that ransomware gang has been attacking organisations between November 2021 and March 2022. The flash alert is part of…
-
TikTok data leaked online
On April 17, 2022 a data leak allegedly belonging to a video-focused social networking service TikTok started spreading on underground hacking platforms. It consisted of JSON and SQL files totalling 26GB. Kaduu Team has analysed files in this “leak”. The dataset is just metadata for 32,489,068 TikTok videos, scraped between 2020-07-22 and 2020-10-13, meaning, it…
-
GitHub to secure developers: auto-block commits containing API keys, auth tokens
GitHub has announced on Monday 4, 2022 that company has expanded its platform’s secrets scanning capabilities for GitHub Advanced Security customers to block secret leaks automatically. Secret scanning is an advanced security option that organizations using GitHub Enterprise Cloud with a GitHub Advanced Security license can enable for additional repository scanning. This feature, unfortunately, does…
-
World’s largest darknet market “Hydra” is taken down
On April 5, 2022 German authorities have announced seizure of Hydra servers, as well as crypto-funds identified during special operation. The police were also able to seize 543 bitcoins from the profits of Hydra, which are currently worth a little over $25 million. It’s remarkable, that Hydra has processed more than $3.2B since its launch…
-
Globant Hacked, 70Gb leaked online
IT and software consultancy firm Globant has confirmed that they were breached by the Lapsus$ ransomware operators, where data consisting of administrator credentials and source code was leaked by the threat actors. As part of the leak, the hacking group released a 70GB archive of data stolen from Globant, describing it as “some customers source…
-
Nestlé Data: Anonymous Hack or Internal Breach?
On March 22, Nestlé, the Swiss multinational food and drink processing conglomerate corporation, has suffered a data breach. Hacking group Anonymous in a series of tweets has called out companies that continue operating in Russia for sponsoring Kremlin regime by taxes they pay in country. Days after Anonymous has claimed to have hacked Nestlé, extracting…
-
Ubisoft suffers cyber security incident
Video game developer Ubisoft has confirmed that it had a ‘cyber security incident’ that caused disruption to its games, systems, and services earlier this month. Ransomware group LAPSUS$, who has claimed responsibility for hacking Samsung, NVIDIA, and Mercado Libre thus far, appears to be behind this incident too. Ubisoft Entertainment SA is a French video game company…
-
Confirmed: 190Gb of Samsung data leaked on darknet
The infamous ransomware Lapsus$ announced right after Nvidia incident their next victim: Samsung. On March 4, Lapsus$ published a description of the upcoming leak, saying that it contains “confidential Samsung source code” originating from a breach. The full announcement is present below: Lapsus$ split the leaked data in three compressed files that add to almost…