Tag: theft

Kettering Health Confirms Interlock Ransomware Breach and Data Theft

Jun 9, 2025 2:54 PM

Tags: access, attack, breach, cyber, data, group, healthcare, network, ransomware, technology, theft, unauthorized

On the morning of May 20, 2025, Kettering Health, a major Ohio-based healthcare provider operating 14 medical centers and over 120 outpatient facilities, was struck by a sophisticated ransomware attack that forced a system-wide technology outage. The incident, attributed to the Interlock ransomware group, resulted in unauthorized access to the health system’s network, encrypting critical…
Malicious npm Utility Packages Enable Attackers to Wipe Production Systems

Jun 9, 2025 10:55 AM

Tags: api, backdoor, cyber, data, email, malicious, theft, threat

Socket’s Threat Research Team has uncovered two malicious npm packages, express-api-sync and system-health-sync-api, designed to masquerade as legitimate utilities while embedding destructive backdoors capable of annihilating production systems. Published under the npm alias >>botsailer
Salesforce, Okta Targeted by Telephone-Wielding Hackers

Jun 6, 2025 1:55 AM

Tags: attack, cloud, data, hacker, hacking, okta, phishing, scam, theft

Hackers Impersonate IT Support Staff. A hacking collective linked to recent British retailer attacks is targeting cloud companies through or voice phishing scams for data theft from European hospitality, retail and education sectors. Hackers impersonate IT support staff. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/salesforce-okta-targeted-by-telephone-wielding-hackers-a-28604
Hackers Are Stealing Salesforce Data, Google Warns

Jun 5, 2025 6:54 PM

Tags: attack, authentication, breach, cloud, credentials, cyber, data, defense, detection, exploit, extortion, google, group, hacker, identity, intelligence, malware, microsoft, mitigation, monitoring, network, okta, saas, service, theft, threat, tool, update

By Christy Lynch This post summarizes the June 4, 2025 threat intelligence update from Google and offers additional recommendations from Reveal Security based on similar and recently observed attack patterns targeting SaaS applications and cloud infrastructure. Reveal Security monitors the overall cyber landscape for unique threats that can evade legacy detection methodologies. This UNC6040 campaign…
Google Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader App

Jun 4, 2025 6:55 PM

Tags: breach, data, google, group, intelligence, phishing, theft, threat

Google has disclosed details of a financially motivated threat cluster that it said “specialises” in voice phishing (aka vishing) campaigns designed to breach organizations’ Salesforce instances for large-scale data theft and subsequent extortion.The tech giant’s threat intelligence team is tracking the activity under the moniker UNC6040, which it said exhibits characteristics that align with First…
Hackers abuse malicious version of Salesforce tool for data theft, extortion

Jun 4, 2025 5:55 PM

Tags: data, extortion, group, hacker, malicious, phishing, theft, threat, tool

A threat group is using voice phishing to trick targeted organizations into sharing sensitive credentials. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/hackers-abuse-salesforce-tool-extortion/749790/
#Infosec2025: Device Theft Causes More Data Loss Than Ransomware

Jun 4, 2025 2:55 PM

Tags: breach, credentials, data, ransomware, theft

Stolen devices are a bigger cause of data loss than stolen credentials or ransomware, according to a new Blancco study First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/device-theft-data-loss-ransomware/
#Infosec2025: Majority of Compromises Caused by Stolen Credentials, No MFA

Jun 4, 2025 10:54 AM

Tags: breach, credentials, mfa, theft

Rapid7 found that 56% of all compromises in Q1 2025 resulted from the theft of valid account credentials with no MFA in place First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/majority-compromises-stolen/
LummaC2 Fractures as Acreed Malware Becomes Top Dog

Jun 3, 2025 8:54 PM

Tags: credentials, malware, russia, theft

LummaC2 formerly accounted for almost 92% of Russian Market’s credential theft log alerts. Now, the Acreed infostealer has replaced its market share. First seen on darkreading.com Jump to article: www.darkreading.com/remote-workforce/lummac2-fracture-acreed-infostealer-top-dog
Conquering complexity and risk with data security posture insights

Jun 3, 2025 4:54 PM

Tags: access, ai, attack, automation, best-practice, business, cloud, compliance, control, cyber, cyberattack, data, defense, detection, encryption, exploit, framework, GDPR, governance, infrastructure, intelligence, mitigation, monitoring, PCI, regulation, risk, risk-assessment, risk-management, strategy, technology, theft, threat, tool, unauthorized, vulnerability

Conquering complexity and risk with data security posture insights madhav Tue, 06/03/2025 – 05:35 In today’s competitive landscape it has become an increasingly important for businesses looking for ways to adapt their data security, governance, and risk management practices to the volatile economy by improving efficiency or reducing costs while maintaining structure, consistency, and guidance…
Top Russian Dark Web Market Tools Drive Surge in Credential Theft Attacks

Jun 3, 2025 4:54 PM

Tags: attack, breach, credentials, cyber, cybersecurity, dark-web, risk, russia, service, theft, tool

In a chilling revelation for cybersecurity professionals, the Russian Market has solidified its position as the leading hub for stolen credentials, fueling a dramatic rise in credential theft attacks worldwide. According to a 2024 report by ReliaQuest’s GreyMatter Digital Risk Protection (DRP) service, over 136,000 customer alerts were raised concerning potential stolen credentials on this…
AI gives superpowers to BEC attackers

Jun 3, 2025 9:54 AM

Tags: ai, attack, authentication, automation, business, ceo, cloud, communications, corporate, credentials, crypto, data, deep-fake, defense, dmarc, email, exploit, finance, framework, fraud, gartner, google, group, identity, india, jobs, LLM, mail, malicious, malware, microsoft, mitigation, office, phishing, phone, scam, service, skills, social-engineering, spam, spear-phishing, strategy, technology, theft, threat, tool, training

The role of AI in business email compromise: Unlike traditional spam or phishing emails, which are designed to be as generic as possible, BEC fraud is highly targeted. Attackers must do a great deal of research about their targets to craft their messages and time their attacks for when their victim would be most susceptible,…
Widespread Linux password hash theft likely with new bugs

Jun 2, 2025 10:54 PM

Tags: linux, password, theft

First seen on scworld.com Jump to article: www.scworld.com/brief/widespread-linux-password-hash-theft-likely-with-new-bugs
Preinstalled Android Apps Found Leaking PINs and Executing Malicious Commands

Jun 2, 2025 5:54 PM

Tags: android, cve, cyber, flaw, malicious, risk, theft, unauthorized, vulnerability

On May 30, 2025, CERT Polska coordinated the public disclosure of three significant security vulnerabilities affecting preinstalled Android applications on smartphones from Ulefone and Krüger&Matz. These flaws, tracked as CVE-2024-13915, CVE-2024-13916, and CVE-2024-13917, expose users to risks ranging from unauthorized device resets to theft of sensitive PIN codes and privilege escalation by malicious applications. Technical…
Sophisticated Malware Campaign Targets Windows and Linux Systems

Jun 2, 2025 5:54 PM

Tags: credentials, linux, malware, theft, tool, windows

A new malware campaign targeting Windows and Linux systems has been identified, deploying tools for evasion and credential theft First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/malware-campaign-targets-windows/
Critical Linux Vulnerabilities Risk Password Hash Theft Worldwide

Jun 2, 2025 4:54 PM

Tags: data, linux, password, risk, theft, vulnerability

Critical Linux vulnerabilities that expose password hashes on millions of systems. Learn how to protect your data now! First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/06/critical-linux-vulnerabilities-risk-password-hash-theft-worldwide/
Backdoors in Python and NPM Packages Target Windows and Linux

Jun 2, 2025 11:54 AM

Tags: attack, backdoor, data, linux, theft, windows

Checkmarx uncovers cross-ecosystem attack: fake Python and NPM packages plant backdoor on Windows and Linux, enabling data theft plus remote control. First seen on hackread.com Jump to article: hackread.com/backdoors-python-npm-packages-windows-linux/
New Linux Flaws Allow Password Hash Theft via Core Dumps in Ubuntu, RHEL, Fedora

May 31, 2025 12:55 PM

Tags: access, cve, flaw, linux, password, theft, threat, tool, vulnerability

Two information disclosure flaws have been identified in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise Linux, and Fedora, according to the Qualys Threat Research Unit (TRU).Tracked as CVE-2025-5054 and CVE-2025-4598, both vulnerabilities are race condition bugs that could enable a local attacker to obtain access to access sensitive information. Tools…
Windows 11 File Explorer Vulnerability Enables NTLM Hash Theft

May 29, 2025 4:55 PM

Tags: authentication, cve, cyber, flaw, malicious, ntlm, technology, theft, vulnerability, windows

A newly disclosed vulnerability, CVE-2025-24071, has been identified in Windows File Explorer, specifically affecting Windows 11 (23H2) and earlier versions that support .library-ms files and the SMB protocol. This flaw enables attackers to capture NTLM (New Technology LAN Manager) authentication hashes simply by tricking a user into extracting a malicious ZIP archive”, no further interaction…
6 rising malware trends every security pro should know

May 29, 2025 8:55 AM

Tags: adobe, ai, antivirus, apple, attack, awareness, backdoor, business, captcha, cloud, corporate, cybercrime, data, defense, detection, encryption, endpoint, exploit, extortion, framework, group, hacking, incident response, infrastructure, intelligence, Internet, law, leak, macOS, malicious, malware, network, password, phishing, powershell, programming, pypi, ransom, ransomware, service, social-engineering, software, supply-chain, tactics, theft, threat, tool, update, vulnerability, worm

Malicious packages targeting developer environments: Threat actors are systematically compromising the software supply chain by embedding malicious code within legitimate development tools, libraries, and frameworks that organizations use to build applications.”These supply chain attacks exploit the trust between developers and package repositories,” Immersive’s McCarthy tells CSO. “Malicious packages often mimic legitimate ones while running harmful…
Zanubis Android Malware Harvests Banking Credentials and Executes Remote Commands

May 28, 2025 7:55 PM

Tags: android, banking, control, credentials, crypto, cyber, data, finance, malware, theft, threat

The Zanubis Android banking Trojan has evolved into a highly sophisticated threat, initially targeting financial institutions in Peru before expanding its scope to virtual cards and cryptocurrency wallets. This malware, known for impersonating legitimate Peruvian Android apps, tricks users into granting accessibility permissions, thereby enabling extensive data theft and remote control capabilities. Evolution of a…
Dark Partners cybercrime gang fuels large-scale crypto heists

May 28, 2025 6:54 PM

Tags: ai, attack, crypto, cybercrime, network, software, theft, threat, vpn

A sprawling network of fake AI, VPN, and crypto software download sites is being used by the “Dark Partner” threat actors to conduct a crypto theft attacks worldwide. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/dark-partners-cybercrime-gang-fuels-large-scale-crypto-heists/
VenomRAT Malware Introduces New Tools for Password Theft and Stealthy Access

May 28, 2025 3:55 PM

Tags: access, antivirus, cyber, malicious, malware, password, theft, threat, tool, windows

A malicious cyber campaign leveraging VenomRAT, a potent Remote Access Trojan (RAT), has been uncovered, posing a significant threat to unsuspecting users through a deceptive website mimicking Bitdefender’s Antivirus for Windows download page. The fraudulent domain, “bitdefender-download[.]com,” lures victims with a spoofed interface titled “DOWNLOAD FOR WINDOWS,” closely resembling the legitimate site but with subtle…
US makes fresh indictments over DanaBot, Qakbot malwares

May 27, 2025 8:54 PM

Tags: cyber, fraud, malware, theft

US charges the operators of two malwares, DanaBot and Qakbot, whose actions led to millions of dollars worth of cyber theft and fraud First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366625033/US-makes-fresh-indictments-over-DanaBot-Qakbot-malwares
DragonForce Ransomware Leveraged in MSP Attack Using RMM Tool

May 27, 2025 5:54 PM

Tags: attack, cyber, data, exploit, flaw, msp, ransomware, theft, tool

A targeted cyber-attack on an MSP exploited flaws in remote management tools, resulting in ransomware deployment and data theft First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/dragonforce-ransomware-msp-attack/
Crooks stole over $200 million from crypto exchange Cetus Protocol

May 27, 2025 9:54 AM

Tags: breach, crypto, cyber, theft, threat

Cetus Protocol reported a $223 million crypto theft and is offering to drop legal action if the stolen funds are returned. Last week, threat actors stole about $223 million from decentralized crypto exchange Cetus. The platform was paused during the investigation and later confirmed the cyber heist. The company confirmed that it has successfully paused…
SilverRAT Source Code Leaked Online: Here’s What You Need to Know

May 26, 2025 10:54 PM

Tags: access, attack, crypto, data-breach, github, malware, password, theft, tool

SilverRAT Source Code leaked on GitHub, exposing powerful malware tools for remote access, password theft, and crypto attacks before removal. First seen on hackread.com Jump to article: hackread.com/silverrat-source-code-leaked-online-you-need-to-know/
Katz Stealer Targets Chrome, Edge, Brave, and Firefox to Steal Login Credentials

May 26, 2025 7:54 PM

Tags: browser, chrome, credentials, crypto, cyber, data, email, login, malware, password, service, theft

Katz Stealer has emerged as a potent credential-stealing malware-as-a-service, targeting popular web browsers such as Chrome, Edge, Brave, and Firefox. This multi-feature stealer conducts extensive system reconnaissance and data theft by extracting saved passwords, cookies, and session tokens from these browsers. Beyond browsers, it also compromises cryptocurrency wallets, communication platforms like Discord and Telegram, email…
NC Pathology Practice Notifying 236,000 of Data Theft Hack

May 24, 2025 12:55 AM

Tags: breach, cybercrime, data, group, hacker, hacking, ransom, ransomware, theft

Did Marlboro-Chesterfield Pathology Pay Cybercrime Gang Safepay a Ransom?. A North Carolina pathology practice is notifying nearly 236,000 patients of a hacking incident discovered in January. Marlboro-Chesterfield Pathology says it took steps to ensure the hackers deleted its stolen data. Newcomer ransomware group Safepay is apparently the culprit in the attack. First seen on govinfosecurity.com…
N.C. Pathology Practice Notifying 236,000 of Data Theft Hack

May 23, 2025 9:55 PM

Tags: breach, cybercrime, data, group, hacker, hacking, ransom, ransomware, theft

Did Marlboro-Chesterfield Pathology Pay Cybercrime Gang Safepay a Ransom?. A North Carolina pathology practice is notifying nearly 236,000 patients of a hacking incident discovered in January. Marlboro-Chesterfield Pathology says it took steps to ensure the hackers deleted its stolen data. Newcomer ransomware group Safepay is apparently the culprit in the attack. First seen on govinfosecurity.com…