The Breach News

Chinese Hackers Breach Indian Defence Research Organisation’s Systems

March 13, 2013

An exclusive report from DNA News reveals a significant security breach within the Defence Research and Development Organisation (DRDO), with Chinese hackers reportedly compromising sensitive computer systems. This intrusion has led to the leak of thousands of classified documents related to the Cabinet Committee on Security, which were found uploaded to a server in Guangdong province, China. Indian Defence Minister A. K. Antony commented, “Intelligence agencies are currently investigating the situation, and I cannot provide further details.” The breach was identified in the first week of March when officials from India’s National Technical Research Organisation (NTRO), in collaboration with private cybersecurity experts, uncovered a file titled “army cyber policy.” This document, linked to hacked email accounts of senior DRDO officials, quickly spread throughout the organization’s network.

Chinese Hackers Breach Indian Defence Research Organisation: A Significant Security Incident March 13, 2013 In a striking revelation reported by DNA News, significant breaches have been detected within the Defence Research and Development Organisation (DRDO) of India, attributed to Chinese hackers. This incident marks one of the most serious security…

U.S. Treasury Imposes Sanctions on North Korean IT Worker Scheme, Uncovering $600K in Crypto Transfers and Over $1M in Profits

August 28, 2025
Artificial Intelligence / Malware

The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has announced new sanctions against two individuals and two entities linked to North Korea’s remote IT worker scheme, which generates illicit revenue for the regime’s weapons of mass destruction and ballistic missile initiatives. “The North Korean regime continues to exploit American businesses through fraudulent schemes involving overseas IT workers who steal data and extort ransom,” stated John K. Hurley, Under Secretary of the Treasury for Terrorism and Financial Intelligence. “Under President Trump’s administration, the Treasury remains dedicated to safeguarding Americans from these schemes and holding those responsible accountable.” Those targeted include Vitaliy Sergeyevich Andreyev, Kim Ung Sun, Shenyang Geumpungri Network Technology Co., Ltd, and Korea Sinjin Trading Corporation. This initiative broadens the sanctions previously imposed on Chinyong Informat…

U.S. Treasury Imposes Sanctions on North Korean IT Worker Scheme, Unveiling $600K in Cryptocurrency Transfers and Over $1M in Profits On August 28, 2025, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced new sanctions targeting a network of individuals and companies involved in a North…

How to Address the Microsoft Print Spooler Vulnerability: Understanding PrintNightmare

Published on July 8, 2021

Recently, the PrintNightmare vulnerability in Microsoft’s Print Spooler (CVE-2021-34527) was escalated from ‘Low’ to ‘Critical’ severity. This change follows the release of a Proof of Concept on GitHub, which attackers might exploit to gain access to Domain Controllers. Although Microsoft issued a patch in June 2021, it fell short in preventing further exploits, as the Print Spooler feature remains accessible for remote connections. This article provides crucial insights into the vulnerability and offers guidance on mitigation strategies.

Overview of Print Spooler: The Print Spooler is a Microsoft service responsible for managing and monitoring print jobs. It is one of the oldest components in the Microsoft ecosystem and has seen minimal updates since its inception. By default, this service is enabled on all Microsoft devices, including servers and endpoints.

Understanding the PrintNightmare Vulnerability: Once an attacker achieves limited user access, they can exploit the Print Spooler to escalate privileges…

Understanding the Microsoft Print Spooler Vulnerability – PrintNightmare On July 8, 2021, the PrintNightmare flaw related to Microsoft’s Print Spooler service was escalated from a ‘Low’ to a ‘Critical’ threat level. This significant shift in classification stems from a Proof of Concept (PoC) shared on GitHub, which exposes a pathway…

Navigating Cybersecurity: Balancing Fear and the Urgency for Action

March 15, 2013

Every nation today is deeply concerned about the security of its infrastructure, with the United States particularly vigilant due to the frequency of cyberattacks targeting its networks. Officials like former Secretary of Defense Leon Panetta and Secretary of Homeland Security Janet Napolitano have repeatedly sounded the alarm about the potential repercussions of a cyber offensive, emphasizing the urgent need to bolster the nation’s cyber capabilities.

Senators are now scrutinizing the protection levels of foreign nations’ nuclear stockpiles against cyber threats. This inquiry grew after the Pentagon’s chief cyber officer admitted uncertainty regarding the effectiveness of cybersecurity measures employed by countries like Russia and China. In response, Senator Carl Levin, Chairman of the Armed Services Committee, is set to request a national intelligence assessment on the capability of foreign states to protect their networks.

Cybersecurity Concerns Heightened Amidst Fears of Catastrophic Attacks March 15, 2013 The threat of cyberattacks has escalated to the forefront of national security discussions, with nations increasingly anxious about the resilience of their critical infrastructures. In the United States, concerns are particularly pronounced, evidenced by a series of alarming cyber…

Unveiling the Hidden Risks of Project Management Tools & How FluentPro Backup Provides Essential Protection

Date: August 28, 2025
Categories: SaaS Security / Business Continuity

Every day, organizations, teams, and project managers depend on tools like Trello and Asana for collaboration and task management. But what happens when that trust is compromised? According to a recent Statista report, the global average cost of a data breach is approximately $4.88 million. Moreover, in 2024, the private data of over 15 million Trello users was exposed on a well-known hacker forum. Despite this, many companies still assume that their platform’s built-in backup systems are sufficient—until they discover otherwise. In the following paragraphs, we will highlight the risks of relying solely on these tools and discuss how cloud backup and recovery solutions can better safeguard your organization against data loss.

Why Are Project Management Tools Increasingly Vulnerable to Data Loss?

Over 95% of businesses today rely on project management tools like Trello and Asana to coordinate tasks, foster collaboration, and track project milestones. However, as project managers become more reliant on these platforms…

Unseen Risks in Project Management Tools and the Safeguards Offered by FluentPro Backup August 28, 2025 SaaS Security / Business Continuity As businesses increasingly rely on platforms such as Trello and Asana to facilitate collaboration and task management, it becomes imperative to address the vulnerabilities that accompany this reliance. A…

Critical Security Vulnerabilities Identified in Sage X3 Enterprise Management Software

Published: July 8, 2021

Recent research has revealed four significant security vulnerabilities in Sage X3’s enterprise resource planning (ERP) software. Two of these vulnerabilities can potentially be combined to facilitate an attack, allowing malicious actors to execute harmful commands and gain control over compromised systems. These issues were identified by researchers at Rapid7, who reported their findings to Sage Group on February 3, 2021. In response, the company has released patches for various versions of Sage X3, including Version 9 (Syracuse 9.22.7.2), Sage X3 HR & Payroll Version 9 (Syracuse 9.24.1.3), Version 11 (Syracuse 11.25.2.6), and Version 12 (Syracuse 12.10.2.8) in March. The identified vulnerabilities include:

  • CVE-2020-7388 (CVSS score: 10.0): Unauthenticated Remote Command Execution (RCE) as SYSTEM in the AdxDSrv.exe component.
  • CVE-2020-7389 (CVSS score: 5.5): System “CHAINE” Variable Script Command Injection (No fix planned).

Sage X3 Enterprise Management Software Exposed to Critical Vulnerabilities On July 8, 2021, it was reported that four significant security vulnerabilities have been identified within the Sage X3 enterprise resource planning (ERP) software suite. Two of these vulnerabilities are particularly concerning, as they can potentially be exploited in tandem to…

Widespread Cyber Attack Targets South Korean Banks and TV Networks

March 20, 2013

On Wednesday, major South Korean banks and leading TV broadcasters experienced simultaneous network crashes due to a significant cyber attack. Authorities, including South Korean police, are investigating the incidents reported by major broadcasters like KBS, MBC, and YTN, as well as Shinhan and Nonghyup banks. The Korea Information Security Agency confirmed that systems went blank at 2 p.m., with some still nonoperational more than seven hours later.

Unlike a distributed denial-of-service (DDoS) attack, this disruption appears to have originated from a virus infecting the machines within these organizations, triggering its effects at the same time. Investigators from the Korea Communications Commission suspect that the malicious code may have been disseminated through company servers responsible for automatic security software updates and virus patches. The Associated Press has reported ongoing developments.

Cyber Attack Disrupts Major South Korean Banks and Broadcasters On March 20, 2013, South Korea experienced a significant cyber attack that led to the failure of computer networks across several prominent banks and television broadcasters. The assault began around 2 PM, with major organizations including KBS, MBC, and YTN, alongside…

Salt Typhoon Exploits Vulnerabilities in Network Edge Devices to Target 600 Organizations Globally

Date: Aug 28, 2025
Categories: Cyber Espionage / Network Security

The advanced persistent threat (APT) group known as Salt Typhoon, linked to China, has ramped up its cyberattacks on networks worldwide, impacting sectors such as telecommunications, government, transportation, hospitality, and military infrastructure. According to a recent joint cybersecurity advisory, these attackers primarily target major telecommunications backbone routers, as well as provider edge (PE) and customer edge (CE) routers. They leverage compromised devices and trusted connections to infiltrate additional networks, often modifying routers to ensure continuous, long-term access. The advisory, issued by authorities from 13 countries, associates this malicious activity with three Chinese firms: Sichuan Juxinhe Network Technology Co., Ltd., Beijing Huanyu Tianqiong Information Technology Co., Ltd., and Sichuan Zhixin Ruijie Network Technology Co., Ltd.

Salt Typhoon Exploits Vulnerabilities in Edge Network Devices to Compromise 600 Organizations Globally In a significant escalation of cyber threats, the China-linked advanced persistent threat (APT) group known as Salt Typhoon has successfully infiltrated networks across a diverse range of sectors, affecting approximately 600 organizations worldwide. This includes critical industries…

Significant Vulnerabilities Identified in Philips Vue PACS Medical Imaging Systems

Date: July 9, 2021

A series of security vulnerabilities have been revealed in the Philips Clinical Collaboration Platform Portal (commonly known as Vue PACS). Some of these vulnerabilities could potentially be exploited by malicious actors to gain control over affected systems. According to a warning from the U.S. Cybersecurity and Infrastructure Security Agency (CISA), “Successful exploitation of these vulnerabilities could allow an unauthorized person or process to eavesdrop, view or modify data, gain system access, perform code execution, install unauthorized software, or compromise system data integrity, thereby threatening the confidentiality, integrity, or availability of the system.”

These 15 vulnerabilities affect the following systems:

  • VUE Picture Archiving and Communication Systems (versions 12.2.x.x and earlier)
  • Vue MyVue (versions 12.2.x.x and earlier)
  • Vue Speech (versions 12.2.x.x and earlier)
  • Vue Motion (versions 12.2.1.5 and earlier)

Notably, four specific issues (CVE-2020-1938, CVE-2018-12326, CVE-2018-11218, CVE-2020-4670, and CVE-2018-8014) have been assigned a Critical rating.

Critical Security Vulnerabilities Identified in Philips Vue PACS Imaging Systems On July 9, 2021, significant security vulnerabilities were reported in the Philips Clinical Collaboration Platform Portal, commonly referred to as Vue PACS. These vulnerabilities pose a serious risk, as they could potentially allow malicious actors to gain control over affected…
