DeadRinger - Chinese APT clusters operated 3 cyber espionage campaigns to target...

SeniorAdvisor faced an extensive data breach exposing personal data of millions ...

Elasticsearch database exposed household data of 35 million US citizens. The dat...

APT

DeadRinger

Cyber Espionage

DeadRinger, Chinese APTs targeting major telecom companies of Southeast Asia

DeadRinger - Chinese APT clusters operated 3 cyber espionage campaigns to target significant telecommunication companies...

03-Aug-2021

3 min read

Cloud Security

SeniorAdvisor

Amazon

SeniorAdvisor's misconfigured Amazon S3 triggered a massive Databreach compromis...

SeniorAdvisor faced an extensive data breach exposing personal data of millions of senior citizens due to a misconfigured Amazon S3 bucket......

03-Aug-2021

3 min read

Database

Elasticsearch

Data Leak

Household Data of 35 million US Citizens exposed in Elasticsearch database screw...

Elasticsearch database exposed household data of 35 million US citizens. The database was easily accessible to the threat actors due to the lack of password protection... ...

03-Aug-2021

2 min read

TG2021

Praying Mantis

APT

Microsoft IIS Servers actively targeted by a new APT group dubbed as Praying Man...

New APT group dubbed as 'Praying Mantis' targeted Microsoft IIS servers with ASP.NET exploits to load custom DLLs on the server...

02-Aug-2021

3 min read

Pneumatic Tube System (PTS)

PwnedPiper

Vulnerability

PwnedPiper PTS critical vulnerability set affected significant Hospitals in Nort...

PwnedPiper - a set of 9 crucial vulnerabilities that affected Pneumatic tube system (PTS) stations in hospitals. The most severe vulnerability tracked as CVE-2021-37160 could install hostile firmware in the systems... ...

02-Aug-2021

3 min read

Data Breach

Calgary Parking Authority

Calgary Parking Authority servers of 502GB size hit by Data Breach affecting ov...

Calgary Parking Authority (CPA) unencrypted servers were found to have exposed personal details, including passwords of over 1K drivers......

02-Aug-2021

3 min read

RCE

WordPress

Vulnerability

WordPress Download Manager Plugin Vulnerable to Executing Arbitrary Code

WordPress Download Manager plugin vulnerable to execute arbitrary code. The flaw currently tracked as CVE-2021-34639 allowed users to upload files with php4 extensions...

02-Aug-2021

3 min read

BlackMatter

DarkSide

Ransomware

Darkside Ransomware Gang resurrected as the new BlackMatter operation

DarkSide Ransomware gang returns as the new BlackMatter operation. Both share the same encryption routines, including a custom Salsa20 matrix and website configurations... ...

02-Aug-2021

4 min read

APT

GhostEmperor

China

GhostEmperor, a new Chinese speaking APT targeting high-profile victims via unkn...

GhostEmperor, a previously undocumented Chinese-speaking threat actor spotted by security experts at Kaspersky actively targeting Microsoft Exchange Servers... ...

01-Aug-2021

2 min read

CyCraft

Prometheus

Ransomware

Prometheus Decryptor is now made available for free to all the ransomware affect...

Prometheus ransomware victims can now recover & decrypt their infected files for free via the Decryptor application offered by CyCraft; a Taiwanese cybersecurity firm has recently... ...

01-Aug-2021

3 min read