Select Page
Slide 1

Weekly

Ransomware Roundup

September 30th - October 4th, 2024

CF Medical Announces Data Breach Stemming from FBCS Data Breach

CF Medical reported a data breach linked to Financial Business and Consumer Solutions, Inc. (FBCS) on September 26, 2024. Unauthorized access occurred between February 14 and 26, 2024, compromising sensitive consumer information. The breach was discovered by FBCS, prompting immediate security measures. CF Medical has begun notifying affected individuals, emphasizing the need for vigilance against identity theft. Read more

Bank of America Outage: Is Your Account Balance Zero?

An outage at Bank of America on October 2, 2024, left many customers seeing $0 balances across their accounts. The issue began around 9:30 a.m. PST, with over 20,000 complaints logged within 45 minutes. The outage also impacted Zelle payments, causing insufficient funds alerts. While the bank addressed the issue swiftly, the root cause remains unclear. Read more

Wayne County Cyberattack Cripples Government Services; Ransom Demand Fuels Investigation

A ransomware attack on Wayne County disrupted essential services, including the release of inmates and tax payments. The FBI and Michigan State Police are investigating the incident, which compromised all county servers. The attack's financial ramifications could be significant, with legal implications for the county. Read more

Verizon Outage Leaves Hundreds of Thousands Without Service

On October 1, 2024, Verizon experienced a major outage affecting over 200,000 customers for more than 10 hours. The service disruption included cell, text, and data services, particularly in major cities. Customers reported seeing "SOS" signals on their devices. Verizon acknowledged the issue on social media but provided limited details regarding the cause. Read more

S3 Object Storage: The Ultimate Solution for AI/ML Data Lakes

S3 Object Storage provides scalability, durability, and cost-effectiveness, making it ideal for handling large datasets. With the increasing demand for data-driven insights, adopting S3 object storage can enhance data management and processing efficiency. Discover how to optimize your data infrastructure for AI and ML applications. Read more

Feldstein & Stewart Data Breach Letter Sent to 8,171 Individuals

Feldstein & Stewart, LLP reported a data breach on September 25, 2024, affecting 8,171 individuals. The breach involved unauthorized access to sensitive information, including Social Security and driver’s license numbers. The firm notified affected individuals and recommended consulting legal experts for protective measures. Read more

Promo
128TB Veeam, Rubrik, Commvault Immutable & Air-gapped Backup & DR Appliance for $9,995

128TB Veeam, Rubrik, Commvault Fully automated Immutable and Air-gapped Backup & DR Appliance with object lockdown, file lockdown, incremental and full snapshots, replication, and instant multi-VM recovery for $9,995

It is 2U, 8 Bay Rackmount unit fully populated with 8x16TB Enterprise SAS drives, 10 Core Storage Virtualization Engine, 32GB System Memory, 1TB NVMe SSD for virtualization, Dual 10Gb RJ-45 Ports, Hot-Swappable Power Supply, 12Gb SAS Hardware RAID Controller.

Data services such as immutable snapshot, encryption (Hardware), Dedupe (hardware), Replication (Sync, Async), Thin provisioning, HOT/COLD Tiering, Flash Cache (NVMe+SSD), WORM (Immutable policy-based vault), Predictive failure, call home, Real-time performance, report, and notification are available as an option if needed.

For details, contact us.

Slide 1

Weekly

Ransomware Roundup

September 23rd - 27th, 2024

MoneyGram Cyberattack: Outage Enters Day Three, Ransomware Suspected

MoneyGram is facing a major outage suspected to be caused by a cyberattack that has disrupted its services for three days. Initially described as a network issue, the company later acknowledged a cybersecurity breach. The ransomware threat could have compromised sensitive customer data, including personal and financial information. Read more

Harvey Nichols Data Breach: High-End Retailer Confirms Customer Data Exposure in Cyberattack

Harvey Nichols has reported a data breach that exposed personal information, including names, addresses, and phone numbers of its customers. On September 16th, the breach resulted from unauthorized access attributed to a cyberattack. While no sensitive financial data is believed to have been compromised, the retailer advises customers to remain vigilant against potential phishing scams. Read more

Dell Data Breached Again! Hackers Claim Second Attack Within a Week, Exposing 3.5GB of Data

Dell has experienced a second data breach within a week, with hackers claiming to have accessed 3.5GB of sensitive data, including internal infrastructure and user credentials. This breach is associated with the compromise of Dell’s Atlassian accounts. Experts warn Dell that the exposure of employee data poses serious risks for identity theft and corporate security. Read more

AutoCanada Ransomware Attack: Employee Data Compromised

AutoCanada is grappling with the aftermath of a significant ransomware attack that occurred in mid-August, potentially exposing sensitive employee data, including payroll and social security numbers. The attack was claimed by Hunters International, which boasted about exfiltrating terabytes of data. AutoCanada is providing three years of free identity theft protection in response. Read more

Top Reasons to Prioritize NAS Storage Backup in Your IT Strategy

Backing up your NAS appliance is a non-negotiable requirement for enterprise organizations. While NAS systems offer scalable storage and accessibility, they are still vulnerable to critical risks such as hardware failures, cyberattacks, and data corruption. Without a comprehensive backup strategy, a NAS failure could result in substantial downtime, lost revenue, and non-compliance with regulatory requirements. Learn the key reasons why protecting your NAS with regular backups is essential for business continuity and data integrity. Read more

US Capitol Dark Web Cyber Attack: Thousands of Staffers’ Data Leaked

A major cyberattack has resulted in the exposure of personal information belonging to over 3,000 congressional staffers, with more than 1,800 passwords discovered on the dark web. The breach was linked to various sources, including social media and dating apps, where staffers used official emails. Read more

Promo
128TB Veeam, Rubrik, Commvault Immutable & Air-gapped Backup & DR Appliance for $9,995

128TB Veeam, Rubrik, Commvault Fully automated Immutable and Air-gapped Backup & DR Appliance with object lockdown, file lockdown, incremental and full snapshots, replication, and instant multi-VM recovery for $9,995

It is 2U, 8 Bay Rackmount unit fully populated with 8x16TB Enterprise SAS drives, 10 Core Storage Virtualization Engine, 32GB System Memory, 1TB NVMe SSD for virtualization, Dual 10Gb RJ-45 Ports, Hot-Swappable Power Supply, 12Gb SAS Hardware RAID Controller.

Data services such as immutable snapshot, encryption (Hardware), Dedupe (hardware), Replication (Sync, Async), Thin provisioning, HOT/COLD Tiering, Flash Cache (NVMe+SSD), WORM (Immutable policy-based vault), Predictive failure, call home, Real-time performance, report, and notification are available as an option if needed.

For details, contact us.

Slide 1

Weekly

Ransomware Roundup

September 9th - 13th, 2024

Tracelo Cyberattack Exposed 1.7 Million: Hackers Steal Credit Card Data

The Tracelo data breach at Slim CD has exposed credit card information for approximately 1.7 million individuals, including personal details, between June 14 and 15, 2024. While CVVs have largely remained secure, risks of identity theft and phishing still persist for customers. Read more

Avis Data Breach: Customer Data Stolen in Attack on Business Application

Avis has disclosed a data breach involving unauthorized access to its business application, compromising customer names and potentially sensitive information. Occurring between August 3rd and 6th, 2024, attackers likely exploited vulnerabilities like SQL Injection. In response, Avis is offering affected customers a free year of credit monitoring and has engaged cybersecurity experts to bolster security practices. Read more

Indodax Hack: A Major Blow to Indonesian Crypto Security

Indodax, Indonesia's largest crypto exchange, experienced a severe breach, resulting in the theft of about $22 million from its hot wallets. Hackers exploited vulnerabilities in the withdrawal system, targeting Bitcoin and ERC-20 tokens. The exchange has temporarily suspended operations to enhance security protocols. Read more

PIXHELL Acoustic Attack: Leaking Secrets from LCD Screen Noise

A novel acoustic attack named PIXHELL exploits unintended emissions from LCD screens to infiltrate audio-gapped systems. Developed by Dr. Mordechai Guri, this method uses malware to manipulate pixel patterns, allowing data exfiltration within a 2-meter range at 20 bps. To mitigate risks, organizations are encouraged to ban microphone devices in sensitive areas and use noise jamming techniques. Read more

Qilin Agenda Ransomware: Threats, Techniques, and Prevention

The Qilin Agenda ransomware presents a significant threat to organizations, employing sophisticated techniques to encrypt data and demand ransoms. It uses advanced evasion tactics, including the use of null byte injections and multi-layered encryption methods. Proactive monitoring and incident response planning are essential to defend against this evolving threat. Read more

Critical Remote Code Execution Flaw in Progress LoadMaster: A 10/10 Severity Vulnerability

Progress LoadMaster has been found to have a critical RCE vulnerability (CVE-2024-7591) that allows remote command execution via specially crafted HTTP requests. This flaw affects LoadMaster versions 7.2.60.0 and earlier, posing serious risks. An add-on patch has been released to secure vulnerable versions. Read more

Promo
300TB Veeam, Rubrik, Commvault Immutable & Air-Gapped Backup & DR Appliance for $17,995

300TB upgradable to 720TB Veeam, Rubrik, Commvault, HYCU, Cohesity Fully automated Immutable and Air-gapped Backup & DR Appliance with Block, Object and File lockdown, incremental and full Snapshots, Replication, instant Multi-VM Recovery and more for $17,995.

36 Bay, 3U Rackmount unit with 22x14TB Enterprise SAS drives, 12 Core Storage Virtualization Engine, 128GB System Memory, 960GB PCI-E Based NVMe SSD for Virtualization and Storage Engine, Dual 10Gb RJ-45 Ports, 1200W Hot-Swappable Power Supply, 12Gb SAS Hardware RAID Controller. 1 Year Warranty and Support included.

Data services such as immutable snapshot, encryption (Hardware), Dedupe (hardware), Replication (Sync, Async), Thin provisioning, HOT/COLD Tiering, Flash Cache (NVMe+SSD), WORM (Immutable policy-based vault), Predictive failure, call home, Real-time performance, report, and notification are available as an option if needed.

For details, contact us.

Slide 1

Weekly

Ransomware Roundup

September 2nd - 6th, 2024

DICK’S Sporting Goods Cyberattack Shuts Down Email and Locks Employee Accounts

On August 21, 2024, DICK’S Sporting Goods experienced a cyberattack that led to unauthorized access of confidential data. In response, the company implemented its cybersecurity protocol, shutting down email systems and locking employee accounts to mitigate the breach. Employees faced access restrictions, with IT personnel manually verifying identities. The incident has been reported to law enforcement, while the full extent of the impact remains under investigation. Read more

Voldemort Malware: A New Threat Abusing Google Sheets for Data Exfiltration

A new malware called "Voldemort" is targeting organizations worldwide through a sophisticated multi-stage attack. This threat begins with phishing emails masquerading as tax-related messages, directing victims to misleading landing pages. When users click, a malicious Python script runs, gathering system information while showing a decoy PDF. Voldemort utilizes Google Sheets for command and control, enabling data exfiltration and remote command execution. Read more

TfL Cyberattack: Transport for London Under Attack

Transport for London (TfL) is currently managing an ongoing cyberattack but reports no disruption to services. Immediate containment measures have been initiated, and there is no evidence of customer data compromise. TfL is collaborating with the National Crime Agency and the National Cyber Security Centre to address the situation. Read more

VK Data Leak Exposes 390 Million Users: HikkI-Chan Strikes Again

A hacker known as HikkI-Chan has leaked personal information of over 390 million VK users, allegedly through a second-order breach involving a third-party source. The leaked data includes user names, cities, countries, and profile image URLs, but excludes passwords. VK has denied any direct breaches of their servers, asserting that the data was obtained from publicly available sources. Read more

SaaS Downtime: How Single Points of Failure Disrupt Entire Industries

Software as a Service (SaaS) solutions have become the backbone of countless industries. From automotive and finance to education and healthcare, these platforms offer efficiency, convenience, and a wealth of features. However, a critical vulnerability lurks within many SaaS environments: single points of failure (SPoFs). When an SPoF in a SaaS platform is compromised, the impact can be widespread, affecting all users and leading to significant disruptions. Read more

CBIZ Discloses Data Breach Affecting Nearly 36,000 Individuals

CBIZ has disclosed a data breach affecting nearly 36,000 individuals due to a vulnerability on its web page from June 2 to June 21, 2024. The breach exposed sensitive information such as names, Social Security numbers, and health-related data. While there is no evidence of data misuse, affected clients are being notified and offered credit monitoring services to mitigate potential risks. Read more

Promo
Immutable Gateway to Azure or AWS for $2 per TB /Month

File Gateway to Azure, AWS or any other S3 compatible cloud or StoneFly private cloud, Archiving high volumes of data with Immutable Gateway for $2 per TB/month.

Connect to S3 cloud & map it to your servers, applications or Backup & DR systems. It supports multiple protocols including NFS, CIFS/SMB.

Install StoneFly virtual Smart cloud Gateway on your hypervisor or get the hardware gateway appliance and use it as File cloud storage.

For details, contact us.

Subscribe To Our Newsletter

Join our mailing list to receive the latest news, updates, and promotions from StoneFly.

Please Confirm your subscription from the email