The incident involved an intruder accessing Fidelity National Financial’s systems and acquiring certain credentials, leading to the shutdown of various systems and impacting the company’s operations.
The Telekopye Toolkit, implemented as a Telegram bot, is a tool used by scammers to deceive users in online marketplaces by creating phishing websites and fabricating fake screenshots, emails, and SMS messages.
The use of OneDrive instead of Google Drive for storing command-and-control server URLs allows attackers to easily change the C2 address and stay ahead of reputation-based services.
Between November 1 and November 14 this year, security vendor Egress detected a 237% increase in phishing emails relating specifically to Black Friday and Cyber Monday, compared with the period from September 1 to October 31.
Publicly exposed Kubernetes configuration secrets pose a significant risk of supply chain attacks, with credentials for accessing container image registries being stored in public repositories.
The three critical vulnerabilities include disclosure of sensitive credentials and configuration, authentication bypass using pre-signed URLs, and subdomain validation bypass.
The recently identified scam involved the creation of counterfeit tokens and manipulated trading activities to attract investors before swiftly withdrawing liquidity and causing substantial losses.
The leaked data poses a significant threat to children, as it can be exploited by malicious actors for extortion, impersonation, identity theft, fraud, and even potential child abuse.
The hospital system was added to the leak site of the Meow ransomware gang. VUMC has confirmed the incident but has not provided details on when it occurred or the effects of the attack.
The United Kingdom and South Korea have issued a joint advisory warning about software supply chain attacks carried out by North Korean state-linked hackers, highlighting the increasing volume and sophistication of such attacks.