
Weekly

Ransomware Roundup

Feb 12 - 16, 2024

Prudential Financial Discloses Network Breach Impacting Employee Data

Financial services giant Prudential recently disclosed a network breach in an SEC filing where unauthorized access was gained to employee and contractor data. The breach was first detected on February 5th after hackers gained access on February 4th. Read more

Hackers Mint $290 Million Worth of Tokens from PlayDapp Gaming Platform

Hackers stole $290 million worth of PLA tokens from the PlayDapp gaming platform. On February 9th, an unauthorized wallet created 200 million PLA tokens worth $36.5 million. Although PlayDapp swiftly notified users and froze assets, offering a $1 million bounty, the hackers minted an additional 1.59 billion tokens valued at $253.9 million on February 12th. Read more

Man-in-the-Middle Attack: Cyberthreat Amidst Data Streams

Man-in-the-Middle (MitM) attacks enable threat actors to secretly intercept and manipulate network traffic. Victims remain unaware as attackers gain access to sensitive data like passwords and messages. MitM risks can be mitigated through measures like encryption, multi-factor authentication, network monitoring, and user awareness training. Read more

Bumblebee Malware Resurfaces in Targeted Phishing Campaign

Researchers observed a resurgence of the Bumblebee malware after a 4-month absence. A new campaign in February employed different tactics, such as malicious macros in emails pretending to be voicemails. Opening the attached files would trigger the download of Bumblebee. Targets were US organizations. Although attribution remains uncertain, the techniques aligned with the TA579 group. Read more

LockBit Claims Ransomware Attack Against Fulton County IT Systems

The cyberattack on Fulton County, Georgia, that caused IT disruptions for over three weeks has been claimed by the LockBit ransomware group. The group provided evidence of accessing systems and sensitive citizen data, threatening to leak it by February 16th unless paid. The Fulton County Chair confirmed that the ransomware attack occurred but did not specify the actor. Systems for phones, courts, and taxes remain impacted as the county explores insurance options for recovery. Read more

Trans-Northern Pipelines Hit by ALPHV Ransomware Gang

Pipeline operator Trans-Northern Pipelines (TNPI) confirmed a November 2023 cyber incident impacting internal computer systems. The ALPHV/BlackCat ransomware group claims to have stolen 183GB of documents from TNPI and published employee details. TNPI is investigating these allegations while continuing to operate its pipelines safely. Read more

Promo
Immutable Gateway to Azure or AWS for $2 per TB/Month

File Gateway to Azure, AWS or any other S3 compatible cloud or StoneFly private cloud, archive large volumes of data with Immutable Gateway for $2 per TB/month.

Connect to S3 cloud & map it to your servers, applications or Backup & DR systems. The gateway supports multiple protocols including NFS, CIFS/SMB.

Install StoneFly virtual Smart cloud Gateway on your hypervisor or get the hardware gateway appliance and use it as File cloud storage.

For demos and details, contact us.


Weekly

Ransomware Roundup

Feb 05 - 09, 2024

HPE Investigates Data Breach After Hackers Infiltrated a ‘Test Environment’

HPE investigated a data breach claim after a threat actor posted purportedly stolen HPE data online. While no evidence of intrusion was discovered, HPE treated the claims seriously, particularly given that the data originated from a test environment. This incident followed a prior breach of HPE's email by the Russian APT29 in May 2023, during which files were pilfered. Read more

ResumeLooters Gang Steal Data of 2 Million in XSS Attacks Using SQL injection

The threat group 'ResumeLooters' stole the personal data of 2 million job seekers by exploiting SQL injection and XSS vulnerabilities in 65 job and retail sites, targeting APAC. They used tools like Acunetix, Metasploit and SQLmap to scan for vulnerabilities. They also created fake employer profiles and resumes with XSS scripts. Group-IB found that ResumeLooters had access to some sites' admin panels and stored stolen data online. The group aims to sell the data on Telegram for financial gain. Read more

Lurie Children’s Hospital Cyberattack Cripples Healthcare Systems

Lurie Children's Hospital, a leading pediatric facility in Chicago serving over 200,000 children annually, faced a cyberattack. It took network systems offline to contain the spread, disrupting internet, email, phones and MyChart. Care was delayed, procedures postponed, and scans/prescriptions went paper-only. Emergency cases remained prioritized. No ransomware group claimed responsibility. Outages entered the sixth day with a call center handling patient needs. Read more

Verizon Data Breach Compromises Data of 63,000 Employees, Insider Leaks Data

Verizon revealed a data breach affecting 63,000 employees, which is about half of its workforce. On September 21st, one of its employees inappropriately accessed a file that contained worker information. Notices have been sent out, offering credit monitoring to those affected. Customer data wasn't affected, and Verizon is still looking into its internal security to find out more. Read more

Supply Chain Attack: The Achilles’ Heel of Enterprise Security

From Colonial Pipeline to Kaseya, supply chain attacks have become a major threat in cybercrime, putting businesses of all types and sizes at risk. These attacks, which involve exploiting vulnerabilities in the supply chain, particularly through ransomware, have become more common and harmful. Find out more

French Healthcare Data Breach Puts Data of Millions at Risk

A phishing attack impacted French healthcare provider Viamedis, potentially affecting 20 million customers. Personal data like names and birthdays were exposed for individuals across 84 organizations. Viamedis notified authorities and is investigating, while impacted customers received direct notifications. Online platforms went temporarily offline during the breach, though user accounts remained secure. Overall security implications are still under assessment. Read more

Promo
56TB Fully Air Gapped & Immutable Veeam Backup and DR Appliance - Half Price

56TB Fully Air Gapped and Immutable Veeam Backup and DR appliance with Object Lockdown Technology for Ransomware protection & Instant multi VM recovery. Last 3 units available at half price!

The appliance is a 2U, 8 Bay Rackmount unit with 4x14TB Enterprise SAS drives, 12 Core Storage Virtualization Engine, 128GB System Memory, 1TB NVMe SSD, Hot-Swappable Power Supply, 12Gb SAS Hardware RAID Controller, 1 Year Warranty & Support with 2 hours of professional services included.

This powerful 56TB DR365V Backup and DR appliance leverages Veeam-integration using the built-in Air-Gapped network, power management controller repository and storage controller using fully automated and Veeam integrated isolation technology.

Data services such as immutable snapshot, encryption (Hardware), Dedupe (hardware), Replication (Sync, Async), Thin provisioning, HOT/COLD Tiering, Flash Cache (NVMe+SSD), WORM (Immutable policy-based vault), Predictive failure, call home, Real-time performance, report, and notification are available as an option if needed.

For demos and details, contact us.
