Subway’s internal system, containing hundreds of gigabytes of data, has allegedly been compromised by the ransomware group. The group has given Subway a deadline to protect the stolen data, and it is currently unknown what ransom they have demanded.
The breach was facilitated by a password spray attack on a non-production test tenant account lacking two-factor authentication, highlighting the importance of robust account security measures.
Suspicions have been raised about a potential data leak from mobile service providers or a breach in the SMS provider used for OTP code delivery as the possible cause of the hacks.
The vulnerabilities allow threat actors to execute arbitrary commands, move laterally, perform data exfiltration, and establish persistent system access, potentially compromising target information systems.
Mandiant researchers observed UNC3886 exploiting a VMware ESXi zero-day vulnerability in June 2023, using novel malware persistence techniques to achieve administrative access within VMware ESXi Hypervisors.
The CISA and the FBI issued a joint warning about the Androxgh0st malware botnet, indicating that threat actors are building a botnet network to extract cloud credentials. Threat actors were also observed using stolen AWS credentials to create new users and user policies on a vulnerable website. The agencies have released IOCs associated with the Androxgh0st […]
A critical vCenter Server vulnerability (CVE-2023-34048) is actively being exploited, allowing attackers to execute remote code with high impact and without requiring authentication.
The mortgage and loan company LoanDepot experienced a suspected ransomware attack, leading to difficulties for customers in making mortgage payments and accessing their online accounts.
The underground market for crypters, exemplified by PolyCrypt, facilitates the sale and use of these tools for malicious purposes, highlighting the ongoing challenge of cybercrime.
The clothing company has not specified the type of data stolen but assured that Social Security numbers, bank account information, and payment card details were not retained.