What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-08-24 11:08:36 | T-Mobile Sued Over Data Breach Affecting Millions of Customers (lien direct) | Class action lawsuits have been filed against T-Mobile over the recently disclosed data breach that has been confirmed to impact more than 50 million of the company's customers. | Data Breach | ★★★★★ | |
 |
2021-08-23 20:49:00 | AT&T Denies Data Breach (lien direct) | Threat actor says AT&T will admit breach when personal data of 70 million customers is leaked | Data Breach Threat | ||
 |
2021-08-23 12:16:54 | Nokia subsidiary discloses data breach after Conti ransomware attack (lien direct) | SAC Wireless, a US-based and independently-operating Nokia company subsidiary, has disclosed a data breach following a ransomware attack where Conti operators were able to successfully breach its network, steal data, and encrypt systems. [...] | Ransomware Data Breach | ||
 |
2021-08-23 06:48:23 | Researchers Detail Modus Operandi of ShinyHunters Cyber Crime Group (lien direct) | ShinyHunters, a notorious cybercriminal underground group that's been on a data breach spree since last year, has been observed searching companies' GitHub repository source code for vulnerabilities that can be abused to stage larger scale attacks, an analysis of the hackers' modus operandi has revealed.
"Primarily operating on Raid Forums, the collective's moniker and motivation can partly be |
Data Breach | ||
 |
2021-08-22 07:59:02 | T-Mobile data breach could be worse than initially thought, 54 million customers impacted (lien direct) | T-Mobile data breach could be worse than initially thought, an update to the investigation reveals that over 54 million individuals were impacted. T-Mobile data breach could be worse than initially thought, according to an update to the investigation over 54 million customers had their data compromised. Recently T-Mobile has launched an investigation into a possible […] | Data Breach | ||
 |
2021-08-21 11:08:34 | T-Mobile confirms fifth data breach in three years (lien direct) | T-Mobile has confirmed media reports from earlier this week that it had suffered a serious data breach. And it's not just existing T-Mobile users who should be alarmed, but former and prosepective customers as well. | Data Breach | ||
 |
2021-08-20 19:10:32 | T-Mobile\'s data breach exposes the personal data of 40 million (lien direct) | 
T-Mobile, the popular US mobile phone service provider, recently confirmed a data breach affecting 7.8 million current customers and 40 million records from past or prospective customers. The...
|
Data Breach | ||
|
2021-08-20 18:56:00 | NYC Teachers\' Social Security Numbers Exposed (lien direct) | Data breach reported by students was allegedly ignored by school for months | Data Breach | ||
 |
2021-08-20 13:38:31 | T-Mobile data breach impacts over 40 million users – Security Experts Have Their Say (lien direct) | T-Mobile, one of the world’s largest telecommunications providers and mobile networks, admitted this week that over 40 million customers had been impacted by a data breach. With a reported 104 million T-Mobile customers, this latest breach has hit a significant number of the user base. The company released a statement saying “a highly sophisticated cyberattack” […] | Data Breach | ★★ | |
|
2021-08-20 12:30:05 | T-Mobile data breach just got worse - now at 54 million customers (lien direct) | The T-Mobile data breach keeps getting worse as an update to their investigation now reveals that cyberattack exposed over 54 million individuals' data. [...] | Data Breach | ||
 |
2021-08-20 11:29:47 | How to protect your T-Mobile account in light of the latest data breach (lien direct) | In response to a breach that compromised the personal data of millions of subscribers, T-Mobile customers should change their password and PIN and set up two-step verification. | Data Breach | ||
|
2021-08-20 09:43:40 | AT&T denies data breach after hacker auctions 70 million user database (lien direct) | AT&T says that they did not suffer a data breach after a well-known threat actor claimed to be selling a database containing the personal information of 70 million customers. [...] | Data Breach Threat | ||
|
2021-08-19 15:05:00 | JPMorgan Chase Notifies Customers of Data Breach (lien direct) | Technical issues may have allowed customers in Montana to view other customers' personal data | Data Breach | ||
 |
2021-08-19 11:53:19 | ROUNDTABLE: Why T-Mobile\'s latest huge data breach could fuel attacks directed at mobile devices (lien direct) | TMobile has now issued a formal apology and offered free identity theft recovery services to nearly 48 million customers for whom the telecom giant failed to protect their sensitive personal information. At the start of this week, word got out … (more…) | Data Breach | ||
 |
2021-08-19 11:17:56 | T-Mobile Data Breach (lien direct) | It’s a big one: As first reported by Motherboard on Sunday, someone on the dark web claims to have obtained the data of 100 million from T-Mobile’s servers and is selling a portion of it on an underground forum for 6 bitcoin, about $280,000. The trove includes not only names, phone numbers, and physical addresses but also more sensitive data like social security numbers, driver’s license information, and IMEI numbers, unique identifiers tied to each mobile device. Motherboard confirmed that samples of the data “contained accurate information on T-Mobile customers.”... | Data Breach | ||
|
2021-08-19 08:34:00 | T-Mobile: 49 Million Customers Hit by Data Breach (lien direct) | US carrier reveals sixth breach in past four years | Data Breach | ||
|
2021-08-18 16:24:33 | T-Mobile: Breach Exposed SSN/DOB of 40M+ People (lien direct) | T-Mobile warned Monday that a data breach has exposed the names, date of birth, Social Security number and driver's license/ID information of more than 40 million current, former or prospective customers. The acknowledgment came less than 48 hours after millions of the stolen T-Mobile customer records went up for sale in the cybercrime underground. | Data Breach | ||
|
2021-08-18 16:10:56 | T-Mobile data breach has impacted 48.6 million customers (lien direct) | T-Mobile has confirmed that hackers have stolen records belonging to 48.6 million of current and former customers. Recently T-Mobile has launched an investigation into a possible security breach after a threat actor started offering for sale 100 million T-Mobile customer records on the dark web. Bleeping Computer reported that the seller was asking for 6 […] | Data Breach Threat | ||
 |
2021-08-18 13:00:00 | How AI Prevents Fatigue After Data Breaches (lien direct) | I have data breach fatigue. Every day, my inbox is flooded with dozens of emails about the newest data breaches and what causes them. Five years ago, I took note of every company listed and the mistakes made that led to the breach. Today, I barely skim them. How many times can I read that a […] | Data Breach | ||
|
2021-08-18 12:14:53 | T-Mobile Confirms Data Breach Impacts Millions of Customers (lien direct) | T-Mobile has confirmed that hackers have stolen files storing information on millions of current and former customers. | Data Breach | ||
 |
2021-08-17 17:56:00 | Anomali Cyber Watch: Anomali Cyber Watch: Aggah Using Compromised Websites to Target Businesses Across Asia, eCh0raix Targets Both QNAP and NAS, LockBit 2.0 Targeted Accenture, and More (lien direct) | The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: China, Critical Infrastructure, Data Storage, LockBit, Morse Code, Ransomware, and Vulnerabilities. . The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity.
Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence
Colonial Pipeline Reports Data Breach After May Ransomware Attack
(published: August 16, 2021)
Colonial Pipeline, the largest fuel pipeline in the United States, is sending notification letters to 5,810 individuals affected by the data breach resulting from the DarkSide ransomware attack. During the incident, which occurred during May this year, DarkSide also stole roughly 100GB of files in about two hours. Right after the attack Colonial Pipeline took certain systems offline, temporarily halted all pipeline operations, and paid $4.4 million worth of cryptocurrency for a decryptor, most of it later recovered by the FBI. The DarkSide ransomware gang abruptly shut down their operation due to increased level of attention from governments, but later resurfaced under new name BlackMatter. Emsisoft CTO Fabian Wosar confirmed that both BlackMatter RSA and Salsa20 implementation including their usage of a custom matrix comes from DarkSide.
Analyst Comment: BlackMatter (ex DarkSide) group added "Oil and Gas industry (pipelines, oil refineries)" to their non-target list, but ransomware remains a significant threat given profitability and the growing number of ransomware threat actors with various levels of recklessness. Double-extortion schemes are adding data exposure to a company's risks. Stopping ransomware affiliates requires defense in depth including: patch management, enhancing your Endpoint Detection and Response (EDR) tools with ThreatStream, the threat intelligence platform (TIP), and utilizing data loss prevention systems (DLP).
MITRE ATT&CK: [MITRE ATT&CK] Data Encrypted for Impact - T1486
Tags: Darkside, BlackMatter, Colonial Pipeline, Oil and Gas, Ransomware, Salsa20, Data Breach, USA
Indra — Hackers Behind Recent Attacks on Iran
(published: August 14, 2021)
Check Point Research discovered that a July 2021 cyber attack against Iranian railway system was committed by Indra, a non-government group. The attackers had access to the targeted networks for a month and then deployed a previously unseen file wiper called Meteor effectively disrupting train service throughout the country. Previous versions of the Indra wiper named Stardust and Comet were seen in Syria, where Indra was attacking oil, airline, and financial sectors at least since 2019.
Analyst Comment: It is concerning that even non-government threat actors can damage a critical infrastructure in a large country. Similar to ransomware protection, with regards to wiper attacks organizations should improve their intrusion detection methods and have a resilient backup system.
MITRE ATT&CK: [MITRE ATT&CK] Data Destruction - T1485 | [MITRE ATT&CK] File Deletion - T1107 | |
Ransomware Data Breach Malware Hack Tool Vulnerability Threat Guideline | APT 27 APT 27 | |
 |
2021-08-17 17:51:52 | T-Mobile Data Breach Amplifies Larger Cybersecurity Challenge (lien direct) |
Reports came out this week that T-Mobile had suffered a data breach. T-Mobile claims that the leak has been sealed. They deserve credit for responding quickly, but for some the damage may already be done. The data itself may not pose a direct risk to anyone, but the more information cybercriminals can obtain and correlate, the more effective future attacks will be. |
Data Breach | ||
|
2021-08-17 08:45:00 | Colonial Pipeline Reportedly Admits Data Breach (lien direct) | Ransomware actors may have compromised employee information | Ransomware Data Breach | ||
|
2021-08-17 07:04:00 | Colonial Pipeline discloses data breach after May ransomware attack (lien direct) | Colonial Pipeline discloses a data breach of the personal information of thousands of individuals after the ransomware attack that took place in May 2021. Colonial Pipeline has started notifying more than 5000 people that had their personal information compromised after a ransomware attack that took place in May. The Colonial Pipeline facility in Pelham, Alabama […] | Ransomware Data Breach | ||
 |
2021-08-17 05:41:00 | Educational publisher Pearson fined for data breach cover-up (lien direct) | Pas de details / No more details | Data Breach | ||
|
2021-08-16 23:53:37 | T-Mobile Investigating Claims of Massive Data Breach (lien direct) | Communications giant T-Mobile said today it is investigating the extent of a data breach that hackers claim has exposed sensitive personal data on 100 million T-Mobile USA customers, in many cases including the name, Social Security number, address, date of birth, phone number, security PINs and details that uniquely identify each customer's mobile device. | Data Breach | ||
|
2021-08-16 21:27:53 | T-Mobile confirms data breach that exposed customer personal info (lien direct) | T-Mobile confirms a breach after threat actors claimed to have obtained records of 100 million of its customers and offered them for sale. T-Mobile has confirmed a data breach that exposed personal information from over 100 million of its US customers. Yesterday the company announced it launched an investigation into a possible data breach after […] | Data Breach Threat | ||
 |
2021-08-16 20:44:22 | The T-Mobile Data Breach Is One You Can\'t Ignore (lien direct) | Hackers claim to have obtained the data of 100 million people-including sensitive personal information. | Data Breach | ||
|
2021-08-16 19:45:00 | T-Mobile Investigates Possible Data Breach (lien direct) | Communications company looking into claims that personal data of 100 million users has been compromised | Data Breach | ||
|
2021-08-16 15:52:44 | T-Mobile confirms servers were hacked, investigates data breach (lien direct) | T-Mobile has confirmed that threat actors hacked their servers in a recent cyber attack but still investigate whether customer data was stolen. [...] | Data Breach Threat | ||
|
2021-08-16 15:23:21 | Education giant Pearson fined $1M for downplaying data breach (lien direct) | The US Securities and Exchange Commission (SEC) announced today that Pearson, a British multinational educational publishing and services company, has settled charges of mishandling the disclosure process for a 2018 data breach discovered in March 2019. [...] | Data Breach | ||
|
2021-08-16 07:23:27 | Colonial Pipeline reports data breach after May ransomware attack (lien direct) | Colonial Pipeline, the largest fuel pipeline in the United States, is sending notification letters to individuals affected by the data breach resulting from the DarkSide ransomware attack that hit its network in May. [...] | Ransomware Data Breach | ||
|
2021-08-16 06:47:07 | Threat actor claims to be selling data of more than 100 million T-Mobile customers (lien direct) | T-Mobile is investigating a possible data breach after a threat actor published a post on a forum claiming to be selling the personal data of its customers. New problems for T-Mobile, the company is investigating a possible data breach after that a threat actor has published a post on a hacking forum claiming to be […] | Data Breach Threat | ||
|
2021-08-12 19:29:00 | Chanel Apologizes for Data Breach (lien direct) | Cyber-attack blamed for data breach at Korean arm of French luxury brand | Data Breach | ||
|
2021-08-10 18:11:00 | UPMC to Pay $2.65M to Settle Data Breach Case (lien direct) | Settlement reached over 2014 data breach at the University of Pittsburgh Medical Center | Data Breach | ||
|
2021-08-04 21:39:51 | (Déjà vu) Advanced Technology Ventures discloses ransomware attack and data breach (lien direct) | The American venture capital firm Advanced Technology Ventures (ATV) disclosed a ransomware attack, crooks also stole data of some private investors. Advanced Technology Ventures (ATV) is an American venture capital firm with more than $1.8 billion in capital under management. The venture capital firm this week disclosed a ransomware attack, threat actors have also stolen the personal information of some […] | Ransomware Data Breach Threat | ||
|
2021-08-04 14:22:00 | Personal Data Breach Reports Fall Despite Rising Attacks (lien direct) | There was a surprising decline in personal data breach reports to the ICO in FY 20/21 despite rising attacks and breaches. | Data Breach | ||
|
2021-08-03 15:00:00 | Anomali Cyber Watch: LockBit ransomware, Phony Call Centers Lead to Exfiltration and Ransomware, VBA RAT using Double Attack Vectors, and More (lien direct) | The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: Android malware, APT, Data leak, macOS malware, Phishing, Ransomware and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity. 
Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence
BazaCall: Phony Call Centers Lead to Exfiltration and Ransomware
(published: July 29, 2021)
BazaCall campaigns have forgone malicious links or attachments in email messages in favor of phone numbers that recipients are misled into calling. Actual humans then provide the callers with step-by-step instructions for installing malware. The BazaLoader payload from these campaigns also gives a remote attacker hands-on-keyboard control on an affected user's device, which allows for a fast network compromise. The lack of obvious malicious elements in the delivery methods could render typical ways of detecting spam and phishing emails ineffective.
Analyst Comment: All users should be informed of the risk phishing poses, and how to safely make use of email. They should take notice that a phone number sent to them can be fraudulent too. In the case of infection, the affected system should be wiped and reformatted, and if at all possible the ransom should not be paid. Implement a backup solution for your users to ease the pain of losing sensitive and important data.
MITRE ATT&CK: [MITRE ATT&CK] User Execution - T1204 | [MITRE ATT&CK] Credential Dumping - T1003 | [MITRE ATT&CK] Data Encrypted for Impact - T1486
Tags: BazaCall, Bazaar, Ransomware
Crimea “Manifesto” Deploys VBA Rat Using Double Attack Vectors
(published: July 29, 2021)
Hossein Jazi has identified a suspicious document named "Манифест". It downloads and executes two templates: one is macro-enabled and the other is an Internet Explorer exploit. While both techniques rely on template injection to drop a full-featured Remote Access Trojan, the IE exploit is an unusual discovery.
Analyst Comment: Files that request content be enabled to properly view the document are often signs of a phishing attack. If such a file is sent to you via a known and trusted sender, that individual should be contacted to verify the authenticity of the attachment prior to opening. Thus, any such file attachment sent by unknown senders should be viewed with the utmost scrutiny, and the attachments should be avoided and properly reported to appropriate personnel.
MITRE ATT&CK: [MITRE ATT&CK] User Execution - T1204 | [MITRE ATT&CK] Template Injection - T1221 | [MITRE ATT&CK] Scheduled Task - T1053 | [MITRE ATT&CK] Modify Registry - T1112
Tags: VBA, Russia, RAT, CVE- |
Ransomware Data Breach Spam Malware Threat Guideline | ||
|
2021-08-02 12:07:17 | (Déjà vu) What the Growing Costs of a Data Breach Means for the Business (lien direct) |
A recent global research report conducted by Cybereason, titled Ransomware: The True Cost to Business, revealed that the vast majority of organizations that have suffered a ransomware attack have experienced significant impact to the business, including loss of revenue, damage to the organization's brand, unplanned workforce reductions, and little in the way of relief from cyber insurance policies.
An esteemed panel of subject matter experts will examine the research findings and discuss how organizations can better prepare to defend against and respond to a ransomware attack, and the full on-demand webinar can be found here.
Recently, IBM came out with its Cost of a Data Breach Report 2021. This publication synthesizes the Ponemon Institute's research of 537 breaches that affected 17 different industries and that occurred across 17 countries and regions. It also draws on nearly 3,500 interviews to understand how much those breaches cost organizations and what decision makers are doing to better defend against security incidents going forward. |
Ransomware Data Breach | ||
|
2021-07-30 12:25:45 | Building Effective Business Cases to Cover Cybersecurity Costs (lien direct) | With the global average cost of a data breach totaling $3.86 million in 2020, the topic of security continues to be a major pressure point and a board-level agenda item. So why do security programs still seem to lack adequate funding, urgency and support until a breach or lawsuit occurs or auditors demand change? Verizon’s […] | Data Breach | ||
|
2021-07-28 17:28:21 | Data breach costs hit record high due to pandemic (lien direct) | The average cost of a data breach among companies surveyed for IBM Security reached $4.24 million per incident, the highest in 17 years. | Data Breach | ||
|
2021-07-28 14:26:36 | IBM Cost of a Data Breach study: average Cost of Data Breach exceeds $4.2M (lien direct) | The ‘Cost of a Data Breach’ report commissioned by IBM Security states that the cost of a data breach exceeded $4.2 million during the COVID19 pandemic. IBM Security presented today the annual study “Cost of Data Breach,” conducted by Ponemon Institute and sponsored and analyzed by IBM, which is based on data related to data […] | Data Breach | ||
|
2021-07-28 12:31:39 | University of San Diego Health Says Personal Information Stolen in Data Breach (lien direct) | University of San Diego Health this week revealed that personal information was accessed in a data breach involving unauthorized access to some employee email accounts. | Data Breach | ||
|
2021-07-28 11:13:44 | IBM: Average Cost of Data Breach Exceeds $4.2 Million (lien direct) | A global study commissioned by IBM Security shows that the average cost of a data breach exceeded $4.2 million during the coronavirus pandemic, which the company pointed out is the highest in the 17-year history of its “Cost of a Data Breach” report. | Data Breach | ||
|
2021-07-28 10:00:00 | Data Breach Costs at Record High, Zero Trust, AI and Automation Help Reduce Costs (lien direct) | Data breaches have been growing in numbers and scale, taking longer to detect and contain. The average total cost of a data breach is at its highest of 17 years, at $4.24 million. The year over year increase of 10% is the largest single year cost increase recorded in the last 7 years. IBM and […] | Data Breach | ||
|
2021-07-28 08:16:04 | (Déjà vu) Cost of a data breach hits record high during the pandemic (lien direct) | IBM research indicates that the cost of an enterprise data breach reached a record high during the COVID-19 pandemic. IBM has estimated in its new “Cost of a Data Breach” report that the average data breach now runs upward of $4 million. In fact, in 2021, a typical data breach experienced by companies now costs […] | Data Breach | ||
|
2021-07-28 06:39:34 | What\'s New in the 2021 Cost of a Data Breach Report (lien direct) | Has cybersecurity ever been more important than it is right now? Even in these extraordinary times, with its focus on manufacturing vaccines and getting shots into arms, new research in the Cost of a Data Breach Report shows that the increasing cost of security breaches makes preventing and responding to these threats a critical concern. […] | Data Breach | ||
 |
2021-07-28 04:01:02 | Enterprise data breach cost reached record high during COVID-19 pandemic (lien direct) | IBM research estimates that the average data breach now costs upward of $4 million. | Data Breach | ||
|
2021-07-27 16:06:32 | UC San Diego Health discloses data breach after phishing attack (lien direct) | UC San Diego Health, the academic health system of the University of California, San Diego, has disclosed a data breach after the compromise of some employees' email accounts. [...] | Data Breach | ||
|
2021-07-27 12:56:20 | The XDR Advantage: Eliminate Dwell Time and Gain Visibility (lien direct) |
The average cost of a data breach in 2020 was $3.86 million, according to IBM. It was even more expensive for certain entities. Indeed, that cost rose to $8.64 million when attackers succeeded in breaching an organization located in the United States. It was the same story in the healthcare industry, with the cost of data breaches climbing to $7.13 million for affected entities.
|
Data Breach |
To see everything:
Our RSS (filtrered)
