Threat Intelligence Cybersecurity News December 11, 2022
Updated: Dec 12, 2022
The Hive ransomware gang has been extremely active throughout the year, stealing and posting data from its victims. A French sports company became the latest victim of this threat. An HR and payroll management company recently informed its corporate and individual customers of a data breach that exposed their information. In other news, the HHS issued a warning about another ransomware, which is relatively new but has already caused quite some disruption. Read along for the top 10 highlights from the past 24 hours.
Top Breaches, Malware, and Vulnerabilities Reported in the Last 24hrs
The Hive ransomware group claimed to have posted the customer data of French sports giant Intersport, which it stole during a November attack, on its leak site.
HR, benefits, and payroll management company Sequoia notified its customers of a data breach that occurred between September 22 and October 06, which compromised their names, contact details, SSNs, and other sensitive personal information.
New York-based Metropolitan Opera suffered a cyberattack that shut down its network systems, including its call center, website, and box office.
The HC3 published a new warning against the relatively new Royal ransomware group that has been targeting healthcare entities in the U.S.
Iranian state-sponsored MuddyWater APT group was found leveraging compromised corporate email accounts to deliver phishing emails to its targets, using the remote administration tool Syncro.
Threat Fabric researchers spotted Zombinder, a third-party darknet service used to embed malicious payloads in legitimate Android apps, resulting in victims infecting themselves.
Researchers found that common misconfigurations arising from how DNS is implemented in an environment can put air-gapped networks and high-value assets at risk.
KELA reported that darknet marketplaces are selling stolen corporate email addresses at prices ranging from $2 to $30, with at least 250,000 accounts for sale.
Web Explorer – Fast Internet, an Android browsing app, left a Firebase instance open, exposing days’ worth of app and user data, including hardcoded sensitive information.
Threat-informed defense surface management platform Interpres Security emerged from stealth with $8.5 million in seed funding round, led by Ten Eleven Ventures.