Weekly
March 17th - 21st, 2025
A supply chain attack on the tj-actions/changed-files GitHub Action affected around 23,000 repositories by exposing CI/CD secrets. The attackers added malicious code that exposed sensitive data through repository logs. GitHub promptly removed the compromised action and advised users to rotate their secrets and adopt more secure practices, like pinning actions to specific commit hashes.
California Cryobank, the largest sperm bank in the United States, disclosed a data breach that compromised sensitive customer information. The breach occurred between April 20 and April 22, 2024, revealing data such as names, Social Security numbers, and bank details. The company is providing one year of complimentary credit monitoring to those impacted.
Western Alliance Bank reported a data breach that affected 21,899 customers, exposing personal and financial information due to a vulnerability in a third-party vendor's software. The Clop ransomware group has claimed responsibility for the incident.
WEMIX, a blockchain gaming platform, reported a theft of $6.1 million after hackers exploited stolen authentication keys for unauthorized withdrawals. The platform is currently offline for security enhancements following the breach, which was meticulously planned over two months.
ESXiArgs is a ransomware strain specifically designed to exploit VMware ESXi servers. Upon successful infiltration, it encrypts virtual machines, making critical data inaccessible until a ransom is paid. Learn more about the nature of the ransomware, its attack methods, and essential strategies for protection.
The Center for Digestive Health in Florida reported a data breach affecting over 120,000 patients, with personal and medical information compromised. The BianLian ransomware group has claimed responsibility for the incident, prompting the hospital to offer identity protection services to affected individuals.
Weekly
March 10th - 14th, 2025
The Cl0p ransomware group has published files stolen from Rackspace Technology after the company allegedly ignored ransom demands. This breach involved sensitive data and affected numerous organizations. Cl0p's leak site claimed to expose files related to 170 companies, with Rackspace yet to comment on this claim.
The MassJacker malware campaign targets 778,531 cryptocurrency wallets through clipboard hijacking. This malware monitors the clipboard for copied wallet addresses and replaces them with those controlled by attackers. CyberArk's analysis indicates approximately $95,300 has been stolen, but the actual impact may be much higher. The malware spreads via a malicious site offering pirated software, employing a complex infection chain.
On March 4, 2025, the NBA and NASCAR accounts on X were compromised to promote fake cryptocurrencies. Attackers posted announcements about the launch of nonexistent digital assets, misleading millions of followers. Despite quick removal by the NBA, the hackers repeatedly republished their messages during the attack.
On March 5, 2025, 1inch confirmed a theft of around $5 million resulting from a vulnerability in its smart contracts. The breach impacted resolver funds linked to the outdated Fusion v1 implementation while ensuring no end-user funds were compromised. The stolen assets included 2.4 million USDC and 1,276 Wrapped Ether. 1inch is working with affected resolvers to improve security and has initiated a bug bounty program to identify vulnerabilities.
Rhysida ransomware has emerged as a significant threat, targeting organizations through phishing and exploiting vulnerabilities. It encrypts files and threatens data leaks, demanding ransoms. Organizations are urged to adopt robust security measures, including regular backups and employee training on phishing awareness, to mitigate risks associated with this evolving ransomware strain.
A data breach at Chicago Public Schools has compromised personal information for hundreds of thousands of students, including names, birthdates, and IDs. The breach was linked to a server belonging to CPS technology vendor Cleo. Affected data may lead to identity theft, prompting an investigation by the FBI and Illinois Attorney General.
Weekly
March 3rd - 7th, 2025
Broadcom has patched three critical VMware zero-day vulnerabilities that are currently being exploited, affecting products such as ESXi and vSphere. The vulnerabilities, labeled CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226, enable attackers with privileged access to escape the virtual machine sandbox. Organizations were urged to implement these patches immediately, as these vulnerabilities pose significant risks, particularly from active threat groups.
Cisco has alerted users to a vulnerability in Webex for BroadWorks, which may permit unauthenticated attackers to remotely access sensitive credentials. This issue impacts several VMware ESX products and could expose data if SIP communication is configured insecurely. To mitigate potential risks, users are instructed to restart their Cisco Webex app and ensure secure transport settings for SIP.
A data breach at the German travel tracking company Lost & Found has compromised over 800,000 records, including sensitive data like passport scans and driver’s licenses. Security researcher Jeremiah Fowler uncovered a publicly accessible dataset containing 820,750 records and 122GB of data. This exposure raises severe identity theft risks. Investigations are underway to assess the breach's full impact and identify the responsible parties.
Following a cyberattack, the Polish Space Agency (POLSA) has disconnected its systems to secure operations. The compromised email systems prompted the agency to report the incident and collaborate with national CSIRT teams for investigation. The details of the attack are still under wraps.
The Lynx ransomware campaign employs multiple attack vectors, including phishing emails and exploiting software vulnerabilities to gain access to networks. Once inside, attackers deploy ransomware that encrypts files and demands ransom payments. Organizations are advised to develop incident response plans to quickly address potential breaches and minimize impact.
A newly identified polyglot malware, Sosano, is specifically targeting aviation and satellite communication sectors in the UAE. Discovered by Proofpoint, this malware allows remote command execution and persistent access on infected devices. It spreads through spear-phishing emails linking to malicious downloads, utilizing a multi-file format to evade detection.