Biggest Data Leak in History Exposes 26B Records
Most of the exposed data, found on an open instance likely owned by a threat actor or data broker, was from the Chinese instant messaging app Tencent QQ. At the same time, Weibo, MySpace, Twitter, and Wattpad also had hundreds of millions of leaked credentials and other information. Read More
Water Services Giant Veolia North America Hit by Ransomware Attack
Two major water companies, Veolia in the US and Southern Water in the UK, have been targeted in ransomware attacks that resulted in data breaches. Read More
High-Severity Vulnerability Patched in Splunk Enterprise
The latest Splunk Enterprise releases patch multiple vulnerabilities, including a high-severity flaw in the Windows version. Read More
Patch Your GoAnywhere MFT Immediately - Critical Flaw Lets Anyone Be Admin
Authentication bypass in Fortra's GoAnywhere MFT before 7.4.1 allows an unauthorized user to create an admin user via the administration portal. Read More
LoanDepot says 16.6M Customers had ‘Sensitive Personal’ Information Stolen in a Cyberattack
LoanDepot did not say what kind of sensitive and personal customer data was stolen. Read More
Lockbit Ransomware Gang Claims The Attack On The Sandwich Chain Subway
The group claims to have stolen hundreds of gigabytes of sensitive data. The gang said that stolen data includes employee salaries, franchise royalty payments, master franchise commission payments, restaurant turnovers, and more. Read More
FTC Settles Second Case With Geolocation Data Broker In Two Weeks
The agency alleges that data aggregator InMarket Media improperly collected, used, and stored consumers’ location data which it then packaged into specific audience segments for advertisers and stored for five years. Read More
Hackers Target Atlassian Confluence With RCE Exploits
Shadowserver reported over 39,000 exploitation attempts originating from 600 unique IP addresses, primarily Russian. Read More
This Devious Malware Uses a Bond-Inspired Driver to Kill Security Suites — Then Proceeds to Systematically Encrypt Your Data and Drops A $2 Million Ransom Request.
And it then proceeds to install ransomware just for good measure. Read More
BreachForums Founder Sentenced to 20 Years of Supervised Release, No Jail Time
BreachForums was a major cybercrime marketplace that facilitated the trafficking of stolen data since March 2022. Before its shutdown exactly a year later, the website boasted of over 340,000 members. Read More
Apple Issues Patch for Critical Zero-Day in iPhones, Macs - Update Now
In a terse advisory, Apple acknowledged it's "aware of a report that this issue may have been exploited," but did not share any other specifics about the nature of attacks or the threat actors leveraging the shortcoming. Read More
A colossal data leak, known as the “Mother of all Breaches”, has exposed 26 billion records, totaling 12TB of data, primarily sourced from previous data breaches. The leaked information includes credentials from the Chinese app Tencent QQ, as well as data from Weibo, MySpace, Twitter, Wattpad, and government entities in the U.S., Brazil, Turkey, Germany, and the Philippines, posing a significant security risk despite being old records.
Veolia North America, a subsidiary of Veolia, reported a ransomware attack on its Municipal Water division, leading to temporary system shutdowns and disruptions in bill payment services. The company has implemented defensive measures, working with law enforcement and third-party experts to assess the attack's impact. Although some customer payment systems were affected, Veolia assures that water treatment operations remain unaffected, and it is investigating a limited number of individuals whose personal information may have been compromised.
Get in touch with us to learn more about how the team of experts at JANUS can help protect your business effectively. Follow us on Twitter and LinkedIn.