The Breach News

Konni Group Employs Russian-Language Malicious Word Documents in Recent Attacks

A recent phishing campaign has surfaced, utilizing a Russian-language Microsoft Word document as a vehicle for deploying malware designed to extract sensitive data from compromised Windows systems. This attack has been linked to a threat actor known as Konni, which exhibits connections to the North Korean cyber espionage group identified…

Read MoreKonni Group Employs Russian-Language Malicious Word Documents in Recent Attacks

Mukashi: A New Variant of Mirai IoT Botnet Targeting Zyxel NAS Devices

In a significant development in cybersecurity, a new variant of the notorious Mirai botnet—dubbed “Mukashi”—is actively exploiting a newly discovered critical vulnerability affecting network-attached storage (NAS) devices. This attack aims to remotely compromise and commandeer vulnerable machines, reflecting an escalation in tactics employed by cybercriminals. Mukashi employs brute-force techniques, systematically…

Read MoreMukashi: A New Variant of Mirai IoT Botnet Targeting Zyxel NAS Devices

Severe Vulnerability (CVSS Score 10) Allows Hackers to Take Control of Oracle Identity Manager

A serious vulnerability has been uncovered in Oracle’s enterprise identity management system, posing risks of severe exploitation by remote, unauthenticated attackers. This flaw, identified as CVE-2017-10151, has been given the highest possible CVSS score of 10, indicating it is both critical and easily exploitable without the need for any user…

Read MoreSevere Vulnerability (CVSS Score 10) Allows Hackers to Take Control of Oracle Identity Manager

Alert: 3 Major Vulnerabilities Put ownCloud Users at Risk of Data Breaches

Recent advisories from the maintainers of ownCloud have revealed three critical vulnerabilities within their open-source file-sharing software that could lead to unauthorized access, data modification, and exposure of sensitive information. These vulnerabilities pose significant risks to users and require immediate attention. The first flaw, identified as CVE-2023-49103, boasts a CVSS…

Read MoreAlert: 3 Major Vulnerabilities Put ownCloud Users at Risk of Data Breaches

ALERT: Hackers Deploy Hidden Backdoor on Thousands of Microsoft SQL Servers

Malicious Campaign Targeting MS-SQL Servers Discovered by Researchers Cybersecurity experts have identified a prolonged malicious campaign that has been active since May 2018, focusing on Windows machines equipped with MS-SQL servers. The campaign, named “Vollgar” after the Vollar cryptocurrency it mines, is aimed at deploying backdoors and diverse malware, including…

Read MoreALERT: Hackers Deploy Hidden Backdoor on Thousands of Microsoft SQL Servers

Forever 21 Alerts Shoppers to Payment Card Breach at Certain Locations

In a troubling development for the retail sector, Forever 21 has announced a payment card data breach affecting its customers. The Los Angeles-based fast-fashion retailer revealed that hackers managed to access payment card information from various store locations, posing a significant cybersecurity risk. The incident was brought to light earlier…

Read MoreForever 21 Alerts Shoppers to Payment Card Breach at Certain Locations