Weekly
April 22nd - 26th, 2024
Hackers leaked the source code for El Salvador's official Chivo bitcoin wallet app, which became legal tender in the country in September 2021. The leak allows hackers to exploit vulnerabilities in the app and compromise users' funds. The leaked code undermined people's trust in the government-backed digital currency initiative. Read more
After BlackCat stole 6TB of patient data in February's Optum attack, UnitedHealth paid them $22M to prevent leaks. However, a group member joined RansomHub, releasing screenshots to again extort UnitedHealth. To stop further exposure, UnitedHealth paid RansomHub ransomware gang to prevent data leak and remove its name from their victim list. Read more
Volkswagen suffered a major five-year long breach from 2010-2015 where Chinese hackers stole over 19,000 documents related to engines, transmissions, and electric vehicles from the automotive giant. The attackers targeted information on gasoline engines, dual-clutch transmission research, and electric vehicle development. The breach lasted half a decade before being detected. Experts said the hackers' IP addresses, tools, and time zone all indicated the attackers were located in China. Read more
State-backed hackers belonging to group UAT4356 have been exploiting vulnerabilities in Cisco firewalls since November 2023. The attackers used custom malware to conduct long-term espionage on government networks worldwide. Cisco advisories warned of reconnaissance, traffic monitoring, and data exfiltration conducted by modifying AAA settings and capturing configurations. Patches have been released to secure vulnerable Cisco ASA and FTD firewall devices. Read more
Supply chain attacks have become a formidable threat, compromising organizations through vulnerable third parties. They have far-reaching implications such as ransomware deployment and data breaches. Explore how threat actors infiltrate networks through the supply chain and learn how StoneFly solutions can safeguard your organization's data from supply chain threats. Read more
Telecom provider Frontier Communications detected an unauthorized access on April 14th. Systems were shut down, disrupting services and causing customer issues. Personally identifiable information of customers was accessed but the full impact of the incident is still under investigation. Read more
Enterprise mission-critical Hyper-V 4x controllers dual-node cluster, unlimited VMs, integrated iSCSI SAN, highly redundant and available with NO single-point-of-failure design.
Optional: Data Services such as snapshot, encryption (Hardware), Dedup (hardware), Replication(Sync, Async), Thin provisioning, Tiering, Flash Cache (NVMe+SSD), and Muti-Cloud connect (Amazon S3, Microsoft Blob). Fully secured with Immutable and air-gap design features against malicious internal/external attacks, including ransomware and virus-malware.
For demos and details, contact us.
Weekly
April 15th - 19th, 2024
The RansomHub ransomware gang has leaked stolen data from Change Healthcare. After ceasing operations, the BlackCat gang's affiliate, "Notchy," partnered with RansomHub to target Change Healthcare again. The leaked data includes agreements, financial documents, and sensitive patient information. The threat actors demanded ransom to prevent further data release. Read more
Giant Tiger, a Canadian retail chain, suffered a data breach resulting in the leak of approximately 2.8 million customer records. The leaked database is now available on HaveIBeenPwned for individuals to check if their information was compromised. While payment details and passwords were not exposed, the company has advised customers to remain vigilant and consider identity monitoring services for extra protection. Read more
Dutch chipmaker Nexperia experienced a data breach in March 2024. The ransomware gang, Dark Angels, leaked a portion of the stolen data, including microscope scans, employee passports, and non-disclosure agreements. Nexperia responded by shutting down its IT systems, initiating an investigation, and reporting the breach to authorities. Dark Angel threatens to release more data unless their ransom demands are met. The authenticity of the leaked materials is yet to be confirmed. Read more
The Daixin Ransomware group has claimed responsibility for a cyberattack on Omni Hotels. They demand a ransom and threaten to release customer information. The attack caused a significant IT outage, affecting reservation systems and room locks. Omni Hotels confirmed the attack and shut down their systems to protect data. Read more
Discover the power of Zero Trust in enterprise security for ransomware protection. Dive into the security approach that challenges traditional notions of trust within organizational networks. Learn about the core principles of Zero Trust, follow a step-by-step implementation guide, and understand the crucial role of backup and disaster recovery in Zero Trust Architecture. Stay ahead of cyber threats and secure your enterprise data with the Zero Trust model. Read more
Ivanti has released security updates addressing critical flaws in Avalanche MDM Solution. This includes two critical heap overflows that allow remote command execution. Customers are advised to download Avalanche 6.4.3 to address these vulnerabilities, which also include medium and high-severity bugs to prevent denial-of-service attacks and remote code execution. Read more
128TB Veeam, Rubrik, Commvault Fully automated Immutable and Air-gapped Backup & DR Appliance with object lockdown, file lockdown, incremental and full snapshots, replication, and instant multi-VM recovery for $9,995.
It is a 2U, 8 Bay Rackmount unit fully populated with 8x16TB Enterprise SAS drives, 10 Core Storage Virtualization Engine, 32GB System Memory, 1TB NVMe SSD for virtualization, Dual 10Gb RJ-45 Ports, Hot-Swappable Power Supply, 12Gb SAS Hardware RAID Controller.
Data services such as immutable snapshot, encryption (Hardware), Dedupe (hardware), Replication (Sync, Async), Thin provisioning, HOT/COLD Tiering, Flash Cache (NVMe+SSD), WORM (Immutable policy-based vault), Predictive failure, call home, Real-time performance, report, and notification are available as an option if needed.
For demos and details, contact us.
Weekly
April 8th - 12th, 2024
Hackers are using fake Facebook pages, masquerading as popular AI services like Midjourney, to infect over 1 million individuals with malware. They create fraudulent communities on Facebook, attracting followers with realistic images and news updates. By hacking real profiles, they convert them into seemingly official pages for AI tools. Users are led to these pages and deceived into downloading malicious files that steal sensitive information. These campaigns primarily target men aged 25-55 in European countries. Read more
Home Depot data breach exposed the personal information of approximately 10,000 employees. The breach was attributed to IntelBroker, who posted a limited dataset on an underground hacking forum. Home Depot confirmed that a SaaS vendor inadvertently published a sample dataset during a testing activity, containing employee names, emails, and IDs. Cybersecurity experts warn of potential spear phishing campaigns using this stolen information. Read more
A critical flaw in D-Link NAS devices is being actively exploited, leaving over 92,000 devices vulnerable to remote code execution. This flaw, identified as CVE-2024-3273, involves a hard-coded backdoor account with blank credentials, enabling arbitrary command execution. Threat actors are leveraging this vulnerability to deploy variants of the Mirai botnet malware, potentially leading to large-scale DDoS attacks. D-Link has not yet released a patch and advises users to discontinue the use of affected devices. Read more
Targus has fallen victim to a cyberattack that compromised its file systems. The attack was detected on April 5th, prompting Targus to initiate its incident response plan to investigate and contain the breach. The extent of the data compromise is still uncertain, but there is a risk of exposure of customer information, such as orders, shipping addresses, and payment details. Read more
Malvertising is a form of malicious advertising that poses a significant threat to both individuals and enterprises. It exploits vulnerabilities within ad networks and uses redirects and social engineering techniques. Understanding malvertising and implementing robust web security measures is crucial in safeguarding your digital assets. Take proactive steps to protect your organization by reading the full article and gain valuable insights into this growing threat. Read more
The US Environmental Protection Agency (EPA) has experienced a major data breach, resulting in the unauthorized disclosure of personal information of over 8.5 million individuals. The breach has been claimed by the hacker group USDoD. The leaked data includes CSV documents containing names, addresses, phone numbers, and email addresses. This breach poses risks of identity theft, scams, and potential cyber espionage activities. Read more
Deploy dedicated backup & disaster Recovery (DR) appliance and high availability (HA) failover, ransomware protection appliance using up to 64 immediate images restore points, an air-gapped, immutable target storage for long-term recoverability and security forensics concurrently in a single node.
Each appliance operates separately, equipped with dedicated hardware controllers, ensuring isolated security zones protecting enterprise assets within the network.
Key features include:
Versatile Configurations, Air-Gapped and Immutable Storage, High Availability with Automated Failover, Ransomware Protection Using Up to 64 Immediate Restore Points, Secure Target for VM Backup and Archive, Secondary DR Controller, On-Demand DevOps Sandbox.
For demos and details, contact us.