Blog
600 Stolen Passwords From UK Ministry of Defence Appear on Dark Web, Attributed to Russian Hackers
Russian hackers have been taking passwords from the UK’s Ministry of Defence (MoD) for at least the past four years, though the campaign has been rather slow; it has yielded only about 600 stolen passwords out of the roughly 250,000 users of the Defence Gateway portal.
Supply Chains in the News Once Again as Ransomware Attack on Blue Yonder Disrupts Retail Clients
Blue Yonder, which provides supply chain software to many household-name brands, went offline for an extended period due to a late November ransomware attack. The extended lack of access to the supply chain software caused customers like Starbucks assorted problems.
Finastra Data Breach: Fintech Giant Confirms Data Exfiltration, Some Customers May Be Impacted
Leading fintech services provider Finastra has confirmed that 400 GB of stolen data offered on BreachForums is connected to a real data breach, though it is still not certain exactly how much legitimate information the hacker is offering or exactly what it consists of.
New T-Mobile Hack Report Raises Count for Salt Typhoon Cyber Espionage Group
With the reveal of the T-Mobile hack, the Salt Typhoon cyber espionage campaign officially compromised all three of the “big” US mobile carriers. That is an extremely concerning level of access, particularly considering that the hackers were apparently able to maintain access for months without being spotted.
Data Broker That Scraped Hundreds of Millions of Records Loses Data to Hack
The data broker, DemandScience, has only just now confirmed it was the source of 122 million records offered for sale on BreachForums earlier in the year. However, DemandScience insists that it has not detected an internal breach and that the data must have been taken from a contractor or partner.
Third Party Breach of MOVEit Vulnerability Hits Amazon, Employee Data Remains at Risk
With a total of five million records on offer, and over half of those belonging to Amazon, the third party breach is definitely a matter of concern. However, statements from both Amazon and the hacker indicate that the stolen employee data did not contain highly sensitive information.
CISA’s Top Exploited Vulnerabilities List Stresses Importance of Timely Patching
Very few people probably need a reminder at this point, but CISA’s annual list of the most frequently exploited vulnerabilities reinforces the importance of timely patching when zero-days are announced.
Hacker Spree of Fake Invoices Stems From Permissive DocuSign APIs
Hackers are using the DocuSign APIs to forge authentic-looking fake invoices for payment backed by the trusted “docusign.net” domain. The term “hacking” is used loosely here as it is something that any paying customer with Envelopes API access could do.
Hackers Demonstrate Gathering Stolen Credentials Is as Easy as Scanning for Git Config Files
A recent campaign called “EmeraldWhale” snapped up over 15,000 stolen credentials simply by mass scanning for errant web configurations exposing Git config files to the public.
Trump and Vance’s Phone Data Targeted by Chinese Hackers That Broke Into Telcos
Thus far, officials are being tight-lipped about the campaign of the Chinese hackers and any phone data they might have accessed, which points to something potentially being stolen. As to what, that is anyone’s guess.