12-Aug-24: In Security News Today

Hackers Leak 2.7 Billion Data Records with Social Security Numbers

Hackers leaked 2.7 billion records of personal information, including names, Social Security numbers, and addresses, from National Public Data. The data was shared on a hacking forum by threat actors such as USDoD and Fenice; some records belong to deceased individuals and others contain inaccuracies. Affected individuals are advised to monitor their credit reports for fraudulent activity and to be cautious of phishing attempts.

Rapid Response Thwarts $42M BEC Scam

A firm discovered a Business Email Compromise (BEC) scam in which over $40 million had been transferred fraudulently. Within days, authorities froze $39 million in Timor-Leste and arrested seven suspects, recovering an additional $2 million. Interpol’s Global Rapid Intervention of Payments (I-GRIP) mechanism facilitated swift international cooperation, underscoring the importance of a coordinated global response to financial crimes such as BEC attacks.

US Justice Department Disrupts North Korean ‘Laptop Farm’ Operation

The U.S. Department of Justice has disrupted a North Korean “laptop farm” operation that enabled North Korean IT workers to obtain remote jobs at American companies by posing as U.S. citizens. The scheme involved stolen identities and remote access to laptops shipped to an accomplice’s U.S. address, allowing North Koreans to appear as domestic employees. This operation highlights ongoing efforts by North Korea to evade sanctions and fund its weapons programs through deceptive IT work and cyber activities targeting major U.S. companies.

200k Impacted by East Valley Institute of Technology Data Breach

A data breach at the East Valley Institute of Technology (EVIT) compromised the personal and health information of over 200,000 individuals, including students, staff, faculty, and parents. The breach involved unauthorized access to sensitive data, including Social Security numbers, medical information, and other personal details. The LockBit ransomware group has taken credit for the attack, although it is unclear whether the stolen data was leaked; EVIT has since taken steps to secure its systems and has notified affected individuals.

Microsoft Warns of OpenVPN Vulnerabilities, Potential for Exploit Chains

Microsoft has identified multiple vulnerabilities in OpenVPN that are particularly concerning when OpenVPN is used with third-party tools or insecure configurations. These flaws could be exploited in chained attacks, allowing malicious actors to escalate privileges or gain unauthorized access to networks. Cybersecurity professionals are advised to prioritize patching these vulnerabilities and hardening configurations to prevent exploitation in critical infrastructure and enterprise environments.

Australian Gold Producer Evolution Mining Hit by Ransomware

Evolution Mining, a major Australian gold producer, was targeted by a ransomware attack on August 8, 2024, impacting its IT systems. The company has engaged external cybersecurity experts to contain and remediate the attack, with operations expected to continue uninterrupted. While the incident has been reported to the Australian Cyber Security Centre, no major ransomware groups have claimed responsibility, and it is unclear if any data was stolen during the attack.

Hackers Posing as Ukraine’s Security Service Infect 100 Govt PCs

Hackers impersonating Ukraine’s Security Service infected over 100 government computers using malicious spam emails containing AnonVNC malware. The emails requested document submissions to the SSU, leading recipients to download malware disguised as a document list. The attack, attributed to threat group UAC-0198, began in July and targeted central and local government bodies, highlighting ongoing cyber threats faced by Ukraine.

Russian Government Targeted by EastWind Campaign

The EastWind attack campaign targets the Russian government and IT organizations, delivering backdoors and trojans through spear-phishing emails containing booby-trapped LNK files. The attack deploys malware such as GrewApacha and PlugY, with PlugY being downloaded through the CloudSorcerer backdoor and supporting multiple communication protocols. The attackers also use popular network services such as GitHub and Dropbox as command servers, and a watering hole attack distributing the CMoon worm to harvest data and launch DDoS attacks was detailed as well.

Disclaimer: Titles and summaries are AI-generated. Please refer to the linked content for more details.