admin

U.K. Electoral Commission Cyberattack Compromises Voter Data of 40 Million Citizens

On August 9, 2023, the U.K. Electoral Commission revealed a “complex” cyberattack that remained undetected for over a year, resulting in unauthorized access to voter data for 40 million individuals. The breach was identified in October 2022 following the detection of suspicious activity, revealing that attackers had first infiltrated the systems in August 2021. This intrusion allowed access to the Commission’s servers, which housed email systems, control infrastructure, and copies of electoral registers for research purposes. The culprits behind the attack have not yet been identified. The compromised registers include names and addresses of U.K. voters who registered between 2014 and 2022, along with details of registered overseas voters; however, data for those registered anonymously and overseas elector addresses were not included.

U.K. Electoral Commission Data Breach Exposes Personal Information of 40 Million Voters

On August 8, 2023, the U.K. Electoral Commission revealed that it had fallen victim to a significant cyber attack, a breach that remained undetected for over a year.…

Mastering Secrets Management: Overcoming Common Challenges

In the world of cybersecurity, the importance of effective secrets management cannot be overstated—it is the cornerstone of your security framework. We all understand the necessity of protecting API keys, connection strings, and certificates. However, this is not merely a ‘set it and forget it’ task; rather, it involves the continuous safeguarding of sensitive information in an ever-evolving threat landscape. In this guide, we will illuminate frequent pitfalls that can lead to security breaches and provide you with the tools and strategies needed to navigate and conquer these challenges. Think of it as your essential roadmap to mastering secrets management across various scenarios.

Top 5 Common Secrets Management Mistakes

Let’s explore some of the typical secrets management blunders that can trip up even the most experienced teams:

  1. Hard Coding Secrets in Code Repositories: One of the most prevalent mistakes…

Secrets Sensei: Addressing Secrets Management Challenges

Date: Mar 08, 2024
Category: Secrets Management / Access Control

In the ever-evolving landscape of cybersecurity, the importance of effective secrets management cannot be overstated. As businesses increasingly rely on digital infrastructure, securing sensitive…

Lazarus Group from North Korea Unleashes New Kaolin RAT via Fake Job Offers

April 25, 2024
Malware / Cyber Threat

The North Korean cyber threat actor Lazarus Group has once again leveraged its longstanding tactic of using bogus job offers to distribute a new remote access trojan (RAT) known as Kaolin RAT. Used against specific individuals in the Asia region during the summer of 2023, the malware not only performs standard RAT functions but can also modify file timestamps and load DLL binaries from a command-and-control server, as noted by Avast security researcher Luigino Camastra in a recent report. The Kaolin RAT serves as an entry point for the FudModule rootkit, which has been found exploiting a recently patched admin-to-kernel vulnerability in the appid.sys driver (CVE-2024-21338, CVSS score: 7.8). This exploit enables it to gain kernel read/write capabilities and disable security mechanisms. Lazarus Group’s strategy of using job offers for infiltration, known as Operation Dream Job, has a history of successfully employing various social media platforms for this purpose.

Lazarus Group Launches New Kaolin RAT Targeting Individuals in Asia Through Deceptive Job Offers

April 25, 2024
Malware / Cyber Threat

In a concerning development, the Lazarus Group, a North Korea-linked threat actor, has recently leveraged fake job postings to…

China-Linked Cyber Attack Campaign Affects 17 Nations Over Three Years

Aug 09, 2023
Cyber Espionage / Cyber Attacks

Hackers tied to China’s Ministry of State Security (MSS) have been implicated in cyber attacks across 17 countries in Asia, Europe, and North America between 2021 and 2023. The cybersecurity firm Recorded Future has identified this intrusion set as the work of a nation-state group known as RedHotel, previously referred to as Threat Activity Group-22 (TAG-22). This group is part of a broader cluster of activities that include Aquatic Panda, Bronze University, Charcoal Typhoon, Earth Lusca, and Red Scylla (or Red Dev 10). Active since 2019, RedHotel has notably targeted sectors such as academia, aerospace, government, media, telecommunications, and research, with a significant number of victims being governmental organizations. “RedHotel has a dual mission of intelligence gathering and economic espionage,” the cybersecurity firm noted, highlighting its persistence, operational intensity, and extensive global reach.

Global Impact of China-Linked Cyber Attacks: 17 Nations Targeted Over Three Years

August 9, 2023

In a significant escalation of cyber threats, hackers affiliated with China’s Ministry of State Security (MSS) have been implicated in a comprehensive cyber campaign spanning…

Microsoft Acknowledges Source Code and Customer Data Breach by Russian Hackers

On March 9, 2024, Microsoft confirmed that the Kremlin-affiliated cyber group, Midnight Blizzard (also known as APT29 or Cozy Bear), successfully infiltrated some of its source code repositories and internal systems. This breach was initially uncovered in January 2024. The tech company stated, "We have recently observed that Midnight Blizzard is leveraging information obtained from our corporate email systems to gain, or attempt to gain, unauthorized access." While the investigation into the breach’s scope continues, Microsoft says there is no evidence that customer-facing systems hosted on its platform have been compromised. Microsoft also noted that the Russian state-sponsored hackers are trying to exploit various types of confidential information, including interactions between customers and Microsoft over email; however, specific details have not been disclosed.

Microsoft Confirms Source Code and Sensitive Data Breach by Russian Hackers

On March 8, 2024, Microsoft disclosed that the Kremlin-supported cyber threat group known as Midnight Blizzard, also referred to as APT29 or Cozy Bear, has successfully infiltrated some of…