Ubisoft confirms no account credentials were compromised in their data breach at...

VMware has addressed SSRF & authentication bypass vulnerability allowing attacke...

Lapsus$ group strikes at the website of the Brazilian Ministry of Health twice w...

Gaming

Ubisoft

Just Dance

Ubisoft alerts gamers of a data breach targeting Just Dance

Ubisoft confirms no account credentials were compromised in their data breach attack targeting a video game franchise Just Dance...

23-Dec-2021

2 min read

Authentication

SSRF

DHS

VMware fixes SSRF & Auth bypass vulnerability in security updates

VMware has addressed SSRF & authentication bypass vulnerability allowing attackers to obtain a second-factor credential by accessing the first factor in 2FA in their recent......

20-Dec-2021

3 min read

ANPD

Healthcare

CoVID19

50TB of COVID19 vaccination data risked in a cyberattack at Brazilian Ministry o...

Lapsus$ group strikes at the website of the Brazilian Ministry of Health twice within a week and extracts 50TB of vaccine and immunization data of citizens... ...

18-Dec-2021

2 min read

WebSocket

Blumira

WebSocket connection can trigger a local Log4j remote code attack via a drive-by...

Log4j security vulnerability was that it was limited to exposed vulnerable servers...

17-Dec-2021

1 min read

Social Engineering

COX Cable

Hackers disguises as customer support of COX to gain access to user details

Cox Communication announces a data breach incident following a hacker impersonated as support staff to gain access to internal systems & extracted personal... ...

17-Dec-2021

2 min read

Apache

Log4Shell

Cloudflare

Multiple Log4j CVEs resulted in DoS and sensitive data exfiltration

Apache releases updates for the second vulnerability in Log4j that could lead to DoS while a third vulnerability rises, which leads to sensitive data exfiltration under certain circumstances... ...

16-Dec-2021

4 min read

HelloKitty

Oregon Anesthesiology Group

750,000 patients of Oregon Anesthesiology Group affected by a data breach linked...

Oregon Anesthesiology Group discloses a data breach incident linked to HelloKitty, exposing the personal information of 750,000 patients & 522 employees... ...

15-Dec-2021

2 min read

ANPD

Lapsus$

Brazil

Lapsus$ strikes the Brazil Ministry of Health twice in one week; COVID-19 vaccin...

Brazilian Ministry of health department experienced two cyberattacks within a week, reportedly by a ransomware group Lapsus$, claimed to have copied & deleted 50TB of data, including COVID-19 vaccine certificates of citizens......

15-Dec-2021

1 min read

RDP

LotL

Data Exfiltration

Karakurt linked to data exfiltration & extortion attacks found targeting over 40...

Karakurt threat group exclusively focuses on data exfiltration followed by extortion and has already carried out attacks against 40 victims since September, mainly targeting North Americans... ...

14-Dec-2021

4 min read