Weekly
Dec 25 - 29, 2023
Integris Health, an Oklahoma healthcare provider, was hacked on November 28, affecting approximately 2 million patients. Following the breach, the hackers sent extortion emails to patients, claiming to have stolen personal data including SSNs, DOBs and medical details. The criminals published some data on Tor and demanded $50 to delete individual records.
Mr. Cooper, a large US mortgage servicer, was hacked on October 30th, affecting 14.7 million customers. The incident forced IT shutdowns, including of the online payment portal. An investigation found that customer names, addresses, phone numbers, SSNs, dates of birth and bank account numbers were accessed in the breach. The nature of the attack is unknown at this time. Mr. Cooper is offering identity protection in response.
Major American title insurance company First American Financial reported a cybersecurity incident on December 22nd and took certain systems offline. The attackers exploited vulnerabilities in the EaglePro application, compromising personal and financial documents.
Yakult Australia, a manufacturer of probiotic drinks, was hacked in mid-December. A hacker group called DragonForce claimed responsibility and leaked 95GB of data stolen from Yakult, including documents, employee records and identity documents. Yakult's systems in Australia and New Zealand were impacted.
Innovate, Test, Patch, and Update: The Role of On-Demand Sandbox
Traditional backup systems face a significant challenge - large amounts of unused backup data taking up space without contributing active value. This dormant potential sits idle, resulting in inefficient resource utilization. Sandbox environments provide a controlled testing space for validation, testing updates, and driving innovation in a safe isolated manner beyond just data recovery. Read our blog to unlock the full potential of your backups.
The source code for the popular video game GTA 5 was reportedly leaked on Christmas Eve 2022 on a dark web channel, over a year after hackers stole data from game publisher Rockstar in 2021. The leak also included files for an unreleased Bully 2 game. Responsibility was claimed by the same group, Lapsus$, that had previously hacked Rockstar and leaked assets from the unreleased GTA 6. The leak is still being investigated but appears to contain genuine GTA 5 source code files.
128TB Veeam, Rubrik, Commvault fully automated immutable and air-gapped backup & DR appliance with object lockdown, file lockdown, incremental and full snapshots, replication, and instant multi-VM recovery for $9,995.
It is a 2U 8-bay rackmount unit fully populated with 8x16TB enterprise SAS drives, 10-core storage virtualization engine, 32GB system memory, 1TB NVMe SSD for virtualization, dual 10Gb RJ-45 Ports, hot-swappable power supply, 12Gb SAS hardware RAID controller.
Data services such as immutable snapshot, encryption (hardware), deduplication (hardware), replication (sync, async), thin provisioning, hot/cold tiering, Flash Cache (NVMe+SSD), WORM (immutable policy-based vault), predictive failure, call home, real-time performance, report, and notification are available as an option if needed.
For demos and details, contact us.
Weekly
Dec 18 - 22, 2023
Around 300 companies were affected by the Play ransomware group in October 2023, prompting a joint advisory from the FBI, CISA, and ASD’s ACSC. The group utilizes a double-extortion strategy, exploiting vulnerabilities in Microsoft Exchange and FortiOS. Entry points include VPNs and RDP. Tools like AdFind and Grixba aid in network enumeration and information theft, while GMER, IOBit, and PowerTool are used to erase logs and disable antivirus defenses.
Google recently addressed CVE-2023-5129, a critical, actively exploited vulnerability in the libwebp image library with a severity score of 10.0. The flaw originates in the Huffman coding algorithm and causes out-of-bounds writes when processing WebP lossless files. This vulnerability follows recent fixes by Apple, Google, and Mozilla for related bugs (CVE-2023-41064 and CVE-2023-4863).
VMware has issued an alert on a critical, unpatched vulnerability (CVE-2023-34060, CVSS score 9.8) in Cloud Director 10.5. The flaw allows malicious actors with network access to bypass authentication on ports 22 and 5480. This vulnerability doesn't affect port 443 and is absent in new installations of the same version. The issue arises from a compromised version of sssd in the underlying Photon OS. Security fixes for CVE-2023-34060 are included in VMware Cloud Director Appliance 10.5.1.
The QakBot malware has resurfaced in a new campaign uncovered by Microsoft. This campaign uniquely targets the hospitality industry. Threat actors masquerading as IRS employees distribute a PDF containing a URL that leads to the download of a digitally signed Windows Installer (.msi). Executing this file runs the QakBot payload by invoking the ‘hvsi’ export of an embedded DLL.
Unlock the power of your backup data with sandbox testing! Traditional backups accumulate unused terabytes, offering untapped potential. Sandboxes revolutionize this space, providing a controlled environment for robust testing and innovation. Discover the practical impact in our blog and learn why embracing sandbox testing is crucial for enhancing enterprise efficiency, security, and proactive data protection. Take charge of your IT resilience!
DART and OffSec announce a strategic partnership to advance cybersecurity skills. DART, specializing in cyber capacity building, is now an official training partner of OffSec. The partnership aims to enhance the proficiency of cybersecurity professionals, offering OffSec’s OSCP certificate through DART’s tailored bootcamps. DART, having trained over 1500 cyber professionals, focuses on real-world experience, bridging skill gaps, and providing industry-recognized credentials.
Expand and upgrade your VMware cluster environment with enterprise-class air-gapped and immutable S3 object storage. Seamlessly integrate smart ransomware protection within your existing environment. Manage all your workloads with a single pane of glass interface.
10th Gen, 8-bay 2U Rackmount unit with 7x14TB (98TB) Enterprise SAS drives, 10 core Storage Virtualization Engine, 32GB System Memory, 512GB NVMe SSD, Redundant Hot-Swappable Power Supply, 12Gb SAS Hardware RAID Controller, Dual 10Gb RJ-45 Ports, Fully Integrated SAN, NAS and optional S3 cloud storage.
All Enterprise Data services such as immutable snapshot, encryption (Hardware), Dedupe (hardware), Replication (Sync, Async), Thin provisioning, HOT/COLD Tiering, Flash Cache (NVMe+SSD), WORM (Immutable policy-based vault), Predictive failure, call home, Real-time performance, report, and notification are available as an option if needed.