The Breach News

Russian Hackers Exploit Zulip Chat App for Covert Command and Control in Diplomatic Phishing Operations

An active cyber threat landscape has emerged, revealing a sophisticated campaign targeting the ministries of foreign affairs within NATO-aligned nations, showcasing the involvement of Russian threat actors. Recent phishing attacks have come to light, wherein malicious PDF documents are disguised with diplomatic themes, some appearing to originate from Germany. These…

Read MoreRussian Hackers Exploit Zulip Chat App for Covert Command and Control in Diplomatic Phishing Operations

Hackers Target Indian Defense and Energy Sectors with Malware Disguised as Air Force Invitation

Indian Government and Energy Sector Targeted in Cyber Espionage Campaign Recent reports indicate that unidentified threat actors have launched sophisticated cyber attacks against various Indian government entities and private energy companies. These attacks aim to implant a modified variant of the open-source infostealer malware known as HackBrowserData, with the objective…

Read MoreHackers Target Indian Defense and Energy Sectors with Malware Disguised as Air Force Invitation

Orrick Secures Approval for $8 Million Settlement in Breach of Contract Case

Orrick, Herrington & Sutcliffe LLP has reached a substantial settlement agreement of $8 million to resolve claims stemming from a data breach that occurred in March 2023. This breach reportedly compromised the personal information of approximately 153,000 individuals, raising significant concerns about the law firm’s cybersecurity practices. The US District…

Read MoreOrrick Secures Approval for $8 Million Settlement in Breach of Contract Case

Severe Vulnerability in Tinyproxy Exposes Over 50,000 Hosts to Remote Code Execution Threats

Critical Vulnerability Discovered in Tinyproxy Exposed by Over Half of Public Hosts Recent reports have unveiled a significant security vulnerability within the Tinyproxy service, a widely utilized HTTP/HTTPS proxy tool, affecting over 50% of the 90,310 hosts identified as publicly exposing this service. This unpatched flaw, tracked as CVE-2023-49606, has…

Read MoreSevere Vulnerability in Tinyproxy Exposes Over 50,000 Hosts to Remote Code Execution Threats

China-Linked Bronze Starlight Group Targets Gambling Sector Using Cobalt Strike Beacons

A sophisticated cyberattack campaign emanating from China is currently targeting the gambling industry across Southeast Asia, employing Cobalt Strike beacons to infiltrate compromised systems. According to cybersecurity experts at SentinelOne, the indicators and methodologies associated with this operation suggest involvement from a threat actor group identified as Bronze Starlight, also…

Read MoreChina-Linked Bronze Starlight Group Targets Gambling Sector Using Cobalt Strike Beacons

Ransomware Attack Targets American Oilfield Supplier Newpark Resources

On October 29, 2024, Newpark Resources, a Texas-based provider of essential tools and services to the oil and gas, as well as construction industries, was victimized by a ransomware attack that significantly disrupted its financial and operational analytics systems. This cyber intrusion partially incapacitated the company’s internal network, impacting its…

Read MoreRansomware Attack Targets American Oilfield Supplier Newpark Resources

Does Every Business Need One?

Companies Race to Appoint Chief AI Officers as AI Transforms Business Strategies In 2023, a notable trend emerged in corporate governance as artificial intelligence (AI) became integral to business strategies: the creation of the Chief AI Officer (CAIO) role. Major organizations such as Boeing, NASA, PwC, and Pfizer have started…

Read MoreDoes Every Business Need One?

Upcoming Webinar: Eliminate Application Security Blind Spots with OPSWAT and F5

In today’s rapidly evolving cybersecurity landscape, organizations must continuously reassess their defenses to ensure their web applications remain secure. The emergence of new technologies brings with it a wave of sophisticated threats, which consistently challenge businesses across various industries. This trend is expected to persist into 2024, as malicious actors…

Read MoreUpcoming Webinar: Eliminate Application Security Blind Spots with OPSWAT and F5

Final Week to Apply: Cash App to Distribute Direct Payments of $2,570 to Over 7 Million Individuals Affected by Data Breaches

Cash App Users to Claim Up to $2,575 Following Data Breach Cash App users whose accounts were active between August 2018 and August 2024 may soon have the opportunity to claim up to $2,575 following a significant data breach that impacted approximately 8.2 million individuals. This incident, attributed to an…

Read MoreFinal Week to Apply: Cash App to Distribute Direct Payments of $2,570 to Over 7 Million Individuals Affected by Data Breaches