Latest security breaches
Nissan confirms ransomware attack exposed data of 100,000 people; the Akira ransomware gang took responsibility for the attack and claimed it had stolen 100GB of data, including documents containing personal employee information, NDAs, project data, and information on partners and clients.
Researchers from security firm Sysdig recently investigated an attack campaign that spawned 6,000 micro instances from a compromised AWS account across different regions and deployed the client for a blockchain-based content delivery service and bandwidth marketplace called the Meson Network.
Cyber security researchers discovered close to 19 million plaintext passwords exposed on the public internet by misconfigured instances of Firebase, a Google platform for hosting databases, cloud computing, and app development.
The IMF detected the breach, after which it brought in independent cyber security experts to launch an in-depth investigation and determine the nature of the breach. The investigation determined that 11 IMF email accounts were compromised.
Fujitsu, the world's sixth largest IT services provider, discovered that several of its systems were infected by malware and warns that the hackers stole customer data.
verifiedBpp, a member of the low-tier BreachForums 2, is selling a database belonging to the Ministry of Health of Saudi Arabia for $5 million. The sample provided by the threat actor includes full names, physical addresses, phone numbers, blood types, staff messages and emails, IDs, and other sensitive information. verifiedBpp claims the 500 GB dataset contains information from 2020 to 2024. This information can be used by cyber-criminals to facilitate social engineering attacks and identity theft. The credibility of verifiedBpp is low: the user registered their account in March 2024 and has authored 2 posts and 2 threads. The account has received no endorsements on the forum and has no confirmed sales.
On March 20, 2024, the cyber security company BlueVoyant reported that the threat actor group Narwhal Spider orchestrated a phishing campaign dubbed ‘NaurLegal’. This campaign targets a broad spectrum of organisations through phishing emails containing malicious PDF attachments disguised as invoices from reputable law firms, using the WikiLoader loader malware to facilitate the deployment of further malicious payloads such as the IcedID banking Trojan. The company stated that this campaign represents a departure from Narwhal Spider’s typical victimology, which has been primarily focused on Italian organisations, to a broader set of victims within the legal sector.
'Conversation Overflow' Cyberattacks Bypass AI Security to Target Execs. A new cyber-attack method called "Conversation Overflow" aims to bypass artificial intelligence (AI) and machine learning (ML) security controls, SlashNext reported on March 19, 2024. The attack involves creating emails intended for AI/ML algorithms with two distinct parts, one visible to the recipient and one hidden. By including hidden text that mimics "known good" communication, the threat actors trick the AI/ML systems into categorising the email as safe and allowing it into the recipient's inbox. Once the attack bypasses security measures, the threat actors can deliver credential theft messages, requesting that executives re-authenticate passwords and logins.
Cyber security researchers have identified a new form of denial-of-service (DoS) attack that could disrupt over 300,000 internet-connected systems worldwide. This novel attack, which targets the application layer of network communication, has raised significant concerns due to its self-perpetuating nature and the ease with which it can be executed.