09-27-2023, 03:02 PM
Today, we have two instances of leaked databases that exposed a massive amount of data. The first is DarkBeam, which leaked over three billion breached credentials. The second, a security misconfiguration at Flair Airlines, left environment files publicly accessible for seven months. The threat landscape also saw the emergence of a new APT group, AtlasCross, which is impersonating the American Red Cross to target users. Read along for more.
01
DarkBeam, a digital risk protection firm, mistakenly left an Elasticsearch and Kibana interface unprotected, exposing over 3.8 billion user emails and passwords from previous and unreported data breaches.
02
Canadian Flair Airlines left environment files exposed on its website for seven months. The leaked data included MySQL database credentials, SMTP configuration, and user information such as names, emails, phone numbers, and flight details.
03
The Philippine Health Insurance Corporation (PhilHealth) has been hit by a ransomware attack, forcing it to take several websites and portals offline. The Medusa ransomware group is responsible for the attack.
04
The Snatch ransomware group has been found leaking data about its location and operations, which revealed that the group uses paid ads on Google to trick people into downloading malware disguised as popular free software.
05
A new APT group called AtlasCross is targeting organizations with phishing lures that impersonate the American Red Cross to deliver two pieces of backdoor malware: DangerAds and AtlasAgent.
06
Hackers are targeting GitHub accounts by impersonating Dependabot contributions and injecting malicious code to steal authentication secrets and passwords from developers, Checkmarx reported.
07
Hackers were spotted using the ZeroFont phishing technique to make malicious emails appear as if they have been scanned and secured by security tools in Microsoft Outlook.
08
Cyberattacks on European financial services firms have surged by 119% between Q2 2022 and Q2 2023, according to a report from Akamai, with web app and API attacks accounting for 65%.
09
A new malware strain called ZenRAT is being distributed through fake Bitwarden password manager installation packages. The modular RAT specifically targets Windows users.
10
Cloud detection and response startup Gem Security raised $23 million in a Series A funding round led by GGV Capital, with participation from IBM Ventures, Cisco, and Silicon Valley CISO Investments.