Tag: 2022
-
Data on 774k US children exposed due to misconfigured AWS S3
Childrens data on the dark web discovered by our darknet monitoring service On July 13, 2022 hacker under alias “WeLeakDatabase” has shared a file called “774k USA SCHOOL DETAILS”. While the origins of the database have been unclear, the details of the leak have been impressive: 2GB of data, that contains information of underage students…
-
Google, Microsoft, IBM and Adobe’s preferred marketing agency falls victim of hackers
Kaduu’s Darknet Reserach Team finds proof of targeted attack against a marketing agency On July 2, 2022 Kaduu Team has came upon and investigated a new database breach that has concerned marketing agency, preferred by many tech giants. The victim of hackers is Channel-Technologies, or, shortly, CT, that has been attacked this July. Channel-Technologies, according…
-
“The world’s best record shop” leaks 701k user records and personal info
June 2022: Kaduu’s Dark Web Monitoring Research Team finds large data leak with personalized account data Famous Japanese record chain store and music distributor, DiskUnion, has suffered a full-scale cyber attack on June 24, 2022. DiskUnion has been known as a place to buy and sell disks, vinyls, proudly stating “We buy your records higher…
-
CR2 banking solution hacked, data leaked online
On Sunday June 19, 2022 Kaduu Team has discovered data leak belonging to CR2.com. CR2 is an Irish-owned banking software company which provides mobile, internet and ATM financial service technology to more than 100 retail banks across Africa, the Middle East and Asia. Headquartered in Dublin, Ireland, the company has offices in Dubai, London, Cairo, Amman, Bengaluru, Lagos,…
-
Yippi social network data breach
June 2022: Targeted attack against Asia’s Social Media Network detected by Kaduu’s Dark Web Monitoring Research Team Southeast Asia’s 1st social media & messaging super app that connects people around the world with multi-features, including social communication, has been hacked. On June 14, 2022 Kaduu Team has discovered data leak belonging to YippiWeb.com. More details…
-
Zimbra mail client critical bug allows stealing email logins
Zimbra E-Mail client vulnerability is as severe as it gets Technical details have emerged on a highly severe vulnerability affecting certain versions of the Zimbra email server provider. Hackers might have exploited this bug to steal logins without authentication or any user interaction. The security issue is tracked as CVE-2022-27924 and impacts Zimbra releases 8.8.x and 9.x…
-
Beware of Phishing: cybercriminals now use chatbots
The darknet has a new playground: Phishing with chatbots Phishing attacks are now using automated chatbots to guide visitors through the process of handing over their login credentials to threat actors. This approach automates the process for attackers and gives a sense of legitimacy to visitors of the malicious sites, as chatbots are commonly found on websites…
-
Novartis experienced a cyber attack
On February 25, Pharmaceutical giant Novartis has been attacked by Industrial Spy hacking group. The company ensures no sensitive data has been compromised during the incident. Industrial Spy is a hacking group that runs an extortion marketplace where they sell data stolen from compromised organizations. On June 2, the hacking group began selling data allegedly…
-
Cl0p Ransomware back online, 21 victims in a month
After shutting down their entire operation for several months, between November and February, the Cl0p ransomware is now back. The surge in activity was noticed after the ransomware group added 21 new victims to their data leak site within a single month of April. Cl0p has became very active comparing to itself in the past.…
-
General Motors suffered from credential stuffing
On May 23, it was disclosed that car manufacturer General Motors was the victim of a credential stuffing attack last month that exposed some customers’ information and allowed hackers to redeem rewards points for gift cards. General Motors run its own online platform for car owners to facilitate car and accessories management. Credentials stuffing is…