data breach

Pierluigi Paganini November 11, 2022
An initial access broker claims to have hacked Deutsche Bank

An initial access broker claims to have hacked Deutsche Bank and is offering access to its systems for sale on Telegram. A threat actor (0x_dump) claims to have hacked the multinational investment bank Deutsche Bank and is offering access to its network for sale online. The security researcher Dominic Alvieri was one of the first experts […]

Pierluigi Paganini November 08, 2022
Medibank confirms ransomware attack impacting 9.7M customers, but doesn’t pay the ransom

Australian health insurer Medibank confirmed that personal data belonging to around 9.7 million current and former customers were exposed as a result of a ransomware attack. Medibank announced that personal data belonging to around 9.7M of current and former customers were exposed as a result of a recent ransomware attack. Medibank is one of the […]

Pierluigi Paganini November 06, 2022
Security Affairs newsletter Round 392

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. 29 malicious PyPI packages spotted delivering the W4SP Stealer Zero-day are exploited on a massive scale […]

Pierluigi Paganini November 04, 2022
RomCom RAT campaigns abuses popular brands like KeePass and SolarWinds NPM

A new campaign spreading RomCom RAT impersonates popular software brands like KeePass, and SolarWinds. The threat actor behind the RomCom RAT (remote access trojan) has refreshed its attack vector and is now abusing well-known software brands for distribution. Researchers from BlackBerry uncovered a new RomCom RAT campaign impersonating popular software brands like KeePass, and SolarWinds. […]

Pierluigi Paganini November 03, 2022
LockBit ransomware gang claims the hack of Continental automotive group

The LockBit ransomware group claimed to have hacked the multinational automotive group Continental and threatens to leak stolen data. LockBit ransomware gang announced to have hacked the German multinational automotive parts manufacturing company Continental. The group added the name of the company to its Tor leak site and is threatening to publish alleged stolen data if the […]

Pierluigi Paganini October 31, 2022
Snatch group claims to have hacked military provider HENSOLDT France

The Snatch ransomware group claims to have hacked HENSOLDT France, a company specializing in military and defense electronics. The Snatch ransomware group claims to have hacked the French company HENSOLDT France. HENSOLDT is a company specializing in military and defense electronics. HENSOLDT France offers a wide range of critical electronics solutions, products and services for the aeronautical, defence, energy and transport sectors, […]

Pierluigi Paganini October 30, 2022
BlackByte ransomware group hit Asahi Group Holdings, a precision metal manufacturing and metal solution provider

The BlackByte ransomware group claims to have compromised Asahi Group Holdings, a precision metal manufacturing and metal solution provider. Asahi Group Holdings, Ltd. is a precision metal manufacturing and metal solution provider, for more than 40 years, the company has been delivering end-to-end services in the industries of precision metals and thin-film coatings with different teams […]

Pierluigi Paganini October 30, 2022
Air New Zealand warns of an ongoing credential stuffing attack

Air New Zealand suffered a security breach, multiple customers have been locked out of their accounts after the incident. Air New Zealand suffered a security breach, threat actors attempted to access customers’ accounts by carrying out credential-stuffing attacks. What is credential stuffing? “Credential stuffing is a type of attack in which hackers use automation and lists […]

Pierluigi Paganini October 29, 2022
Twilio discloses another security incident that took place in June

Twilio suffered another brief security incident in June 2022, the attack was conducted by the same threat actor of the August hack. The Communications company Twilio announced that it suffered another “brief security incident” on June 29, 2022, the attack was conducted by the same threat actor that in August compromised the company and gained access to […]

Pierluigi Paganini October 27, 2022
Thomson Reuters collected and leaked at least 3TB of sensitive data

The multinational media conglomerate Thomson Reuters left a database with sensitive customer and corporate data exposed online Original post at https://cybernews.com/security/thomson-reuters-leaked-terabytes-sensitive-data/ Thomson Reuters, a multinational media conglomerate, left an open database with sensitive customer and corporate data, including third-party server passwords in plaintext format. Attackers could use the details for a supply-chain attack. The Cybernews […]