Thought Leadership
Old gaps, new access
Despite security updates being installed, cyber criminals have managed to gain permanent access to FortiGate devices. The attackers exploit known vulnerabilities that have long since been closed – but they go one better: they leave behind a so-called backdoor through which they retain access even after the patch.
Data leak with far-reaching consequences
A massive hacker attack has exposed the data of over 118,000 patients in the USA. The company affected is New York-based Endue Software, which provides digital infrastructure for infusion centers.
International cooperation
The German Federal Office for the Protection of the Constitution and the British National Cyber Security Center warn of the danger posed by the malware programs “Moonshine” and “BadBazaar”.
An old trick with a new twist
Despite its age, the ClickFix method remains a popular tool in the arsenal of cybercriminals. Security researchers from Sophos X-Ops came across the sophisticated attack tactic again in their latest analysis.
WK Kellogg has confirmed a data breach in which sensitive employee data was compromised by exploiting a vulnerability in its Cleo file transfer software.
Car rental company is being blackmailed
The Europcar Mobility Group has been the victim of a targeted cyber attack. Unknown persons gained access to the international car rental company’s GitLab repositories and captured both the source code of the mobile applications and customer data.
Questionable crisis communication
The US software company Oracle has admitted to selected customers that attackers have stolen customer access data after compromising a “legacy environment”. This was reported by Bloomberg.
Session tokens are also recorded
Security researchers from Sophos X-Ops have investigated the workings of Evilginx. The malware, which is based on the widely used open source web server nginx, poses a significant threat to IT security by enabling targeted adversary-in-the-middle attacks and can even bypass multi-factor authentication (MFA).
With fake references
A single North Korean agent operated with twelve different identities in Europe and the USA at the same time, while other IT employees were specifically looking for jobs in Germany and Portugal.
A treasure trove for cyber criminals worldwide
Massive data leak at Samsung Germany: around 270,000 customer service tickets were apparently posted on the Internet by a hacker using the pseudonym “GHNA”. The incident could probably have been prevented with basic security measures.