MongoDB is warning that they were a victim of a cyber attack. They say their corporate systems were breached on Dec 13 and that customer data was exposed. At this time, MongoDB is not aware of any exposure to data stored in MongoDB Atlas. MongoDB is recommending all customers to enable MFA, rotate accounts, and be vigilant against social engineering attacks.
This time, it's (get this...) my employer's Canadian subsidiary's group health plan's provider's banking partner's provider of file transfer services, #MOVEit.
"The type of #data accessed could include any of..." <everything needed for #identity#theft>, and as an extra-special bonus, "#Health information relating to a claim"!
A proposed class-action lawsuit against 23andMe could include more people in Canada than originally anticipated, experts say, after the genetic testing company said a data breach affected millions more customers than initially believed.
A statement from the company on Tuesday said hackers have gained access to roughly 6.9 million profiles on the site — nearly half its client base. Those profiles contain delicate personal data
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #47/2023 is out! It includes the following and much more:
➝ 🔓 🇬🇧 University of Manchester #CISO Speaks Out on Summer Cyber-Attack
➝ 🔓 🇺🇸 Hacktivists breach U.S. nuclear research lab, steal employee data
➝ 🔓 👀 Sumo Logic Completes Investigation Into Recent Security #Breach
➝ 🔓 🇺🇸 Auto parts giant AutoZone warns of #MOVEit data breach
➝ 🔓 🇨🇦 Canadian government discloses data breach after contractor hacks
➝ 🇦🇫 New 'HrServ.dll' Web Shell Detected in #APT Attack Targeting Afghan Government
➝ 🇬🇧 🇰🇷 UK and South Korea: Hackers use zero-day in supply-chain attack
➝ 🇵🇸 🇮🇱 #Hamas-Linked #Cyberattacks Using Rust-Powered SysJoker #Backdoor Against #Israel
➝ 🇷🇺 😱 “They are tired of him, but they are afraid”: what is known about the leader of the hacker group Killnet
➝ 🇰🇵 N. Korean Hackers Distribute Trojanized #CyberLink Software in Supply Chain Attack
➝ ▶️ 🛒 Play #Ransomware Goes Commercial - Now Offered as a Service to Cybercriminals
➝ 🇮🇳 Indian Hack-for-Hire Group Targeted U.S., #China, and More for Over 10 Years
➝ 🇷🇺 Russian hackers use #Ngrok feature and #WinRAR exploit to attack embassies
➝ 🇺🇸 🩺 #CISA Releases Cybersecurity Guidance for #Healthcare, Public Health Organizations
➝ 🇬🇧 🙏🏻 Thanking the vulnerability research community with #NCSC Challenge Coins
➝ 🧅 #Tor Network Removes Risky Relays Associated With #Cryptocurrency Scheme
➝ 🇺🇦 👋🏻 #Ukraine fires top cybersecurity officials
➝ 🩹 Johnson Controls Patches Critical #Vulnerability in Industrial Refrigeration Products
➝ 🦠 🦀 New WailingCrab #Malware Loader Spreading via Shipping-Themed Emails
➝ 🦠 📨 New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks
➝ 🦠 🎠 NetSupport #RAT Infections on the Rise - Targeting Government and Business Sectors
➝ 🚫 Google #Chrome will limit ad blockers starting June 2024
➝ 🐛 ☁️ 3 Critical Vulnerabilities Expose #ownCloud Users to Data Breaches
➝ 🔓 ☁️ Researchers Discover Dangerous Exposure of Sensitive #Kubernetes Secrets
➝ 🔓 ☝🏻 New Flaws in Fingerprint Sensors Let Attackers Bypass #Windows Hello Login
➝ 🔓 🩸 ‘#CitrixBleed’ vulnerability targeted by nation-state and criminal hackers: CISA
➝ 🐡 Researchers extract RSA keys from #SSH server signing errors
📚 This week's recommended reading is: "How I Rob Banks: And Other Such Places" by FC a.k.a. Freakyclown
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #46/2023 is out! It includes the following and much more:
➝ 🔓 🇯🇵 #Toyota confirms breach after Medusa #ransomware threatens to leak data
➝ 🇺🇸 😂 Ransomware gang files #SEC complaint over victim’s undisclosed #breach
➝ 🔓 🪶 Attackers claim Plume Design, Inc data breach
➝ 🇺🇸 💰 #ICBC paid ransom after hack that disrupted markets, #cybercriminals say
➝ 🔓 #Dragos Says No Evidence of Breach After Ransomware Gang Claims Hack via Third Party
➝ 🔓 ✈️ Hackers swipe Booking.com, damage from attack is global
➝ 🇷🇺 🇺🇦 Russian #CyberEspionage Group Deploys #LitterDrifter USB #Worm in Targeted Attacks
➝ 🇮🇱 🇺🇸 Israeli Man Who Made $5M From Hacking Scheme Sentenced to Prison in US
➝ 🇫🇮 ⚖️ Alleged Extortioner of Psychotherapy Patients Faces Trial
➝ 🇺🇸 💸 #LockBit ransomware exploits #CitrixBleed in attacks, 10K servers exposed
➝ 🇺🇸 ⚖️ #IPStorm botnet with 23,000 proxies for malicious traffic dismantled
➝ 👶🏻 🧨 Teens with “digital bazookas” are winning the ransomware war, researcher laments
➝ 💸 #Ethereum feature abused to steal $60 million from 99K victims
➝ 🇩🇰 🇷🇺 #Denmark Hit With Largest #Cyberattack on Record
➝ 🇨🇳 🇰🇭 Chinese Hackers Launch Covert #Espionage Attacks on 24 Cambodian Organizations
➝ 🇲🇾 Major Phishing-as-a-Service Syndicate '#BulletProofLink' Dismantled by Malaysian Authorities
➝ 🇪🇺 🥳 EU Parliament committee rejects mass scanning of private and encrypted communications
➝ 🩹 #ICS Patch Tuesday: 90 Vulnerabilities Addressed by Siemens and Schneider Electric
➝ 🦠 🐍 27 Malicious #PyPI Packages with Thousands of Downloads Found Targeting IT Experts
🇻🇳 🇮🇳 Vietnamese Hackers Using New #Delphi-Powered #Malware to Target Indian Marketers
➝ 🔐 #Google Adds #Passkey Support to New Titan Security Key
➝ 🐛 Zero-Day Flaw in #Zimbra Email Software Exploited by Four Hacker Groups
➝ 🩹 #SAP Patches Critical Vulnerability in Business One Product
➝ 🐛 New #Reptar CPU flaw impacts Intel desktop and server systems
➝ 🐛 New #CacheWarp AMD #CPU attack lets hackers gain root in Linux VMs
📚 This week's recommended reading is: "Tribe of Hackers: Cybersecurity Advice from the Best Hackers in the World" by @marcusjcarey and Jennifer Jin
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️