
website, webapp, sql, deface,
sensitive_data, hacker, ransomewhere, phishing, mobile,
social_engineering, cybersecurity on 3 page

236
Threatsploit
164
Data Loss
169
Reputation Loss
69
Financial Loss
October 04,2018

North Korean Hackers Tied to $100 Million in SWIFT Fraud

Presented in Oct 2018. Repercussions: $100 M in SWIFT spoofing.

More than $100 million has been fraudulently obtained through illegitimate SWIFT transfers in incessant hacking attacks by an anonymous gang of North Korean hackers (APT38) on banks in Asia and Africa, says a U.S. cybersecurity firm. The APT38 group is distinct from the North Korean hacking groups known as Lazarus and Temp.Hermit. The APT designation refers to attackers who launch long, sustained and stealthy attacks against chosen targets. The APT38 group has conducted more than 16 hacking operations in 11 countries since 2014, and FireEye researchers indicated in a Wednesday blog post that the group is large, prolific and well resourced.

Types of Attacks : Data Breach ,
Types of Loss : Financial Loss ,
Cause Of Issue : Lack Of Awareness , Poor Security Process ,
Verticals : Network ,
September 21,2018

Malware steals personal information from 6.4m SheIn customers

The famous online fashion retailer, SheIn.com, has notified its customers of a serious data breach after malicious hackers stole the details of more than 6.4 million people. “Shein has noticed that personal information of its customers was stolen during a sophisticated criminal cyber attack on its computer network,” the retailer stated on its official website. The note, released on 21 September, indicates that as a result the retailer hired a well-known forensic cybersecurity firm as well as an international law firm to help it investigate the incident further. Shein said that the breach is associated with a cyber attack on its computer network that caused malware to be planted on its servers. “Our investigation has confirmed that the perpetrators gained access to email addresses and encrypted password credentials of customers who registered on the company website,” Shein said in its official statement, stressing that there is no evidence that credit card information was stolen.
 

Types of Attacks : Data Breach , Malicious Input Control , Malicious Controls ,
Types of Loss : Data Loss , Reputation Loss ,
Cause Of Issue : Lack Of Maintenance , Poor Security Process ,
Verticals : Network ,
November 29,2018

Data of 7,000 Tandigm Health Patients Exposed by Site Vulnerability

A website vulnerability that was exposed for more than 6 months, from April 24th to December 31 2017, exposed the personal data of about 7k patients, including names, DOB, medical data and health insurance information, Philadelphia-based Tandigm reported on November 29th 2018. After the vulnerability was detected, a forensic team was hired to investigate and confirm whether data was breached. Tandigm has enhanced its existing security features, and staff have also been given awareness training about the issues. Further, those affected were offered 2 years of free credit monitoring and identity protection service. In another incident, a phishing attack on Georgia Spine and Orthopaedics of Atlanta compromised the personal health information of 7k patients through unauthorized access to an employee email account. After the incident was acknowledged, a forensic team was hired to investigate. The investigators found that the hack was contained to a single email account, with patient names, Social Security numbers and driver’s license numbers being breached. Atrium Health notifies that 2.6 million patient records were breached through a third-party billing vendor, AccuDoc, with patient data being compromised over a week. This is the second time Health Equity has been breached this year.

Types of Attacks : Social engineering , Data Protection ,
Types of Loss : Data Loss , Financial Loss ,
Cause Of Issue : Lack Of Awareness , Poor Development Practice , Poor Security Process ,
Verticals : Web Application ,
October 13,2018

SSNs, Tax Data Exposed in Healthcare.gov Health Data Breach

A health data breach on the Healthcare.gov portal exposed Social Security numbers (SSNs) and immigration status. The Centers for Medicare and Medicaid Services (CMS) revealed that the personal information of 75,000-94,000 individuals was at risk but held back on revealing the compromised information, which contained names, DOBs, immigrant status, insurance plans and much more. A letter sent to the affected individuals from CMS informed them that account numbers, credit card numbers and diagnosis or treatment data weren’t accessible to the hackers, and promised free identity theft protection services for the breach victims. Various persisting weaknesses were identified by GAO, and in response Republican lawmakers sent a letter asking to be notified about the complete issue. Todd Park, former US chief technology officer, was questioned by the House Science, Space and Technology Committee in Oct 2014 about his role in developing the Healthcare.gov website. The committee chairman, Lamar Smith, lashed out at the Obama administration: “What is the White House trying to hide? The American citizens deserve to know their personal information”. In July of that year, Healthcare.gov servers were breached, with a review indicating that the server didn’t contain consumers’ personal information. Further security measures are also being implemented.

Types of Attacks : Social engineering ,
Types of Loss : Data Loss , Financial Loss ,
Cause Of Issue : Lack Of Awareness , Poor Security Process ,
Verticals : Web Application ,
August 02,2018

SamSam ransomware attacks extorted nearly $6 million

By tracking all the Bitcoin addresses researchers were able to find, Sophos says it identified at least 233 victims who paid a ransom to the SamSam crew. Half of the victims who paid were private sector companies, while around a quarter were healthcare organizations, followed by 13% of victims being government agencies, and around 11% being institutions in the education sector. The Sophos team says it identified 157 Bitcoin addresses used in SamSam ransom notes that received payments, and another 88 that did not receive any money. The total funds stored in these addresses is around $5.9 million, which is far more than previous estimates about the group's financial prowess, which had put its earnings at only $850,000. Sophos says that SamSam usually makes around one victim per day, and one in four victims pays the ransom.

Types of Attacks : Malicious Input Control ,
Types of Loss : Financial Loss ,
Cause Of Issue : Lack Of Maintenance ,
Verticals : Web Application , Original Equipment Manufacturer(OEM) ,
August 28,2018

Bank of Spain hit with DDoS attack

The Bank of Spain’s website was hit by a distributed denial-of-service attack which disrupted access to the site. The attack didn’t affect the bank’s services or communications with the European Central Bank or other institutions. A DDoS attack mainly aims to exhaust the resources of a network, application or service, which leads an organization to face various technical impacts. This was a denial-of-service attack that intermittently affected access to the website, but it has had no effect on the normal functioning of the entity and involved no data breach. Powerful DDoS attacks of this kind always end up costing your organization tens of thousands of dollars in man-hours, lost business and reputation damage.

Types of Attacks : Targeted Attack ,
Types of Loss : Reputation Loss , Financial Loss ,
Cause Of Issue : Lack Of Awareness , Lack Of Maintenance , Poor Security Process ,
Verticals : Network ,
August 25,2018

Babysitting app suffers ‘temporary data breach’ of 93,000 users

Babysitting-booking app Sitter “temporarily” exposed the personal data of 93,000 account holders, according to a researcher who recently discovered the trove of data using the Shodan Internet of Things (IoT) search engine. Bob Diachenko explains how he found the 2GB MongoDB database on August 13, which contained phone numbers, addresses, transaction details, phonebook contacts, partial credit card numbers, and encrypted account passwords. Other information included in-app chat and notification history, plus details of which users needed a babysitter at what time and at which address.

Types of Attacks : Data Breach , Access Control ,
Types of Loss : Data Loss ,
Cause Of Issue : Poor Security Process ,
Verticals : Mobile Application ,
June 16,2017

Bupa Fined $228,000 After Stolen Data Surfaces on Dark Web

Presented in Oct 2018. Repercussions: fined $228,000, data surfaces on dark web. Website: www.bupa.com

Bupa Insurance Services was fined a hefty amount ($228,000) by the U.K. data protection regulator for failing to stop an employee from stealing 547,000 customer records, which were later hosted on the dark web. The Information Commissioner’s Office criticized Bupa, saying that it failed to secure personal data, with a period of 3 months being granted after the incident. U.K. Information Commissioner Elizabeth Denham found that the records were extracted from Bupa’s customer relationship management system, dubbed “SWAN”, which contained almost 1.5 million records that included names, birth names, nationalities and policy-related data, including email address, phone address, phone numbers and fax numbers, with no medical data being taken. Also, it was found that the inadequacies around SWAN were “ultimate approach based” rather than arising with notions and remediations from specific incidents at that time itself without procrastination. According to the ICO’s penalty notice, “Bupa Insurance services is gigantic, well-resourced and an experienced data controller”. In 1988, the ICO found that Bupa violated the elements of the U.K. Data Protection Act.

Types of Attacks : Data Breach ,
Types of Loss : Data Loss , Reputation Loss ,
Cause Of Issue : Lack Of Maintenance , Poor Security Process ,
Verticals : Web Application ,
September 17,2017

30,000 Irish teachers hit by union breach

The Irish National Teachers’ Organisation (INTO) warns that personal details of up to 30,000 teachers in Ireland may be at risk because of a breach. Teachers who completed online courses on the INTO’s learning website (into learning.ie) in the past few years may be affected. The union has announced that the breach occurred last week and allowed hackers to access names, email addresses, city, country, gender and course information. In a limited number of cases, hackers also accessed mobile numbers, school roll number, role in the school, INTO membership number and Teaching Council registration number. The union has confirmed that no payments or passwords were accessed as these are stored separately. The hack has been reported to the Office of the Data Protection Commissioner and An Garda Siochána.
 

Types of Attacks : Data Breach ,
Types of Loss : Data Loss ,
Cause Of Issue : Lack Of Awareness , Poor Security Process ,
Verticals : Web Application ,
June 30,2018

RANSOMWARE ATTACK BREACHES 40,800 PATIENTS RECORDS IN HAWAII

A borough man allegedly stole more than 1,000 medical records from an East Brunswick storage unit and sold them, according to authorities. Fernando Rios, 33, was charged Tuesday with identity theft, trafficking in personally identifying information and burglary, Middlesex County Prosecutor Andrew C. Carey said in a release. Rios was arrested after a joint investigation with the U.S. Department of Homeland Security, according to the release. It was unclear when the break-in occurred. Three doctors from East Brunswick and Somerset stored their patients' medical records in the storage unit, the release said. The Fetal Diagnostic Institute of the Pacific was hit by a ransomware attack on June 30 that potentially breached the data of 40,800 patients. Hackers breached FDIP servers in June, which included some patient records. Officials took immediate action to contain the incident and enlisted a cybersecurity firm. They were able to successfully remove the virus, and confirm no malware remained. The data of both past and current patients were impacted by the breach, including names, dates of birth, addresses, medical data and other types of information. Officials said FDIP doesn’t store the financial data of patients, like credit card numbers. As the overwhelming majority agrees that organizations should not pay hackers the ransom, the right way to restore data is through offline backups.

Types of Attacks : Malicious Input Control , Malicious Controls , Malware ,
Types of Loss : Data Loss , Reputation Loss ,
Cause Of Issue : Lack Of Maintenance , Poor Security Process ,
Verticals : Network ,
August 14,2018

Indian bank hit in $13.5m cyberheist after FBI ATM cashout warning

On Sunday, Aug. 12, the FBI was warning banks about an imminent “ATM cashout” scheme about to unfold across the globe, thanks to a data breach at an unknown financial institution. On Aug. 14, a bank in India disclosed hackers had broken into its servers, stealing nearly $2 million in fraudulent bank transfers and $11.5 million in unauthorized ATM withdrawals from cash machines in more than two dozen countries.

Types of Attacks : Data Breach ,
Types of Loss : Data Loss , Reputation Loss ,
Cause Of Issue : Lack Of Maintenance , Poor Security Process ,
Verticals : Network , Internet Of Things (IOT) , Original Equipment Manufacturer(OEM) ,
August 30,2018

Leaked data from Chinese hotel chain may affect 130 million customers

Personal data and booking information from 13 hotels operated by Huazhu Hotels Group has reportedly been leaked in a data breach. A post on a Chinese dark web forum titled “Huazhu-owned hotels booking data” claimed to be selling personal data and information of customers from Huazhu-owned hotels including Hanting Inns, Hi Inn, and JI Hotel. According to local reports, 130 million customers are believed to be affected by the breach. Leaked information potentially includes 240 million lines of data containing phone numbers, email addresses, bank account numbers, and booking details, selling for 8 bitcoins per individual. The seller reportedly lowered its asking price to 1 bitcoin after the news spread quickly across local media. Huazhu Hotels Group released an official statement (in Chinese) saying that an internal investigation is underway and the public security bureau is investigating the case.

Types of Attacks : Data Breach ,
Types of Loss : Data Loss ,
Cause Of Issue : Poor Development Practice ,
Verticals : Network , Web Application ,
July 26,2017

ARKANSAS ORAL & FACIAL SURGERY CENTER NOTIFIES 128K PATIENTS OF RANSOMWARE INCIDENT

On July 26, 2017, Arkansas Oral & Facial Surgery Center discovered that its computer network had been impacted by ransomware, a type of computer virus that locks up, or encrypts, information and demands that a payment be made in order to unlock, or decrypt, the information. We promptly began an investigation which revealed that the ransomware had been installed on our systems by an unauthorized individual. Except for a relatively limited set of patients, our patient information database was not affected by the ransomware, however, imaging files, such as x-rays, and other documents such as attachments were impacted.

Types of Attacks : Data Breach , Malware ,
Types of Loss : Data Loss ,
Cause Of Issue : Poor Security Process ,
Verticals : Network ,
September 23,2018

Aspire Health Suffers Email Breach From Phishing Attack

The company suffered a phishing attack on Sept. 3 which gained access to Aspire’s internal email system. The Tennessean article cites information in the court records that indicates the hacker then forwarded 124 emails to an external email account, including emails that contained “confidential and proprietary information and files” and protected health information. No other information about the contents of the hacked emails has been made public, so it is unclear how many patients have been exposed and what kind of information was leaked. According to an email sent to the Tennessean from Cory Brown, a chief compliance officer for Aspire, the company immediately locked the compromised email account after discovering the phishing attack. Brown added that it is unknown if the stolen emails were actually opened by the hacker.
 

Types of Attacks : Data Breach , Social engineering ,
Types of Loss : Data Loss , Reputation Loss ,
Cause Of Issue : Lack Of Awareness ,
Verticals : Web Application ,
August 31,2018

AIB Loses 550 Bank Customers’ Confidential Information

Allied Irish Banks has issued an “unreserved apology” to hundreds of customers whose private files were lost by a staff member in a significant data breach last month. An AIB staff member “mislaid” a spreadsheet relating to more than 550 AIB customers while travelling between branches in Galway on August 31. The bank has written to those affected and reported the incident to the Office of the Data Commissioner. Printed material containing names and loan and deposit balances, as well as account turnover and annual fees, were among the documents misplaced. A number of “internal bank codes” were also contained in the lost documents. The bank has said that although it is a serious incident, customer accounts cannot be accessed by a third party as a consequence.
 

Types of Attacks : Data Breach , Data Protection , Files and Resources ,
Types of Loss : Data Loss , Financial Loss ,
Cause Of Issue : Lack Of Maintenance , Poor Security Process ,
Verticals : Network ,
October 13,2018

South Korean Gov’t Investigating Bithumb Security Breach, World’s Largest Cryptocurrency Exchange

Presented in Oct 2018. Repercussions: cryptocurrency exchange data leaked.

According to reports, funds of Bithumb users were not stolen during the hacking attack. But sensitive personal and financial information of at least 30,000 users has been leaked. The Seoul Central Prosecutor’s Office for Advanced Criminal Investigation, led by supervisor inspector Shin Bongsu, revealed that hackers targeted Bithumb employees with phishing emails, sending malware to the computers used by employees within the Bithumb headquarters. By using the emails of employees, the hackers were able to extract personal information of over 30,000 users. The Seoul Metropolitan Police Agency’s Department of Cybercrime told reporters that several Bithumb users notified the agency of suspicious transactions and bank account activities. Some users claimed that the personal information that was leaked during the security breach involved banking information, which allowed hackers to withdraw money from the bank accounts of Bithumb users. In the next few days, Bithumb will collaborate with government agencies and the South Korean police to investigate the security breach, and implement necessary security measures to prevent such attacks in the future.

Types of Attacks : Data Breach , Social engineering , Targeted Attack , Malware ,
Types of Loss : Data Loss , Reputation Loss , Financial Loss ,
Cause Of Issue : Lack Of Awareness ,
Verticals : Network ,
September 20,2018

New Android Banking Trojan “Red Alert 2.0” Targeting 60 Banks And Social Apps

If your Android phone gets infected by Red Alert 2.0 banking malware, hackers start to plunder your account to make unauthorised purchases or money transfers, and your bank can’t get hold of you if they suspect something suspicious is occurring. Red Alert 2.0 is said to work on phones running Android version 6.0 (Marshmallow) and earlier. As always, you would be wise to be cautious of what apps you install on your Android device, particularly if they are sourced from unofficial app marketplaces. Whether they are breaking into social media profiles to post spam or raiding online bank accounts to steal money, criminals are dead-set on exploiting innocent people’s mobile devices to make money. Do everything you can to reduce the chances of putting your own smartphone at risk by taking care over what apps you install and where you source them from.
 

Types of Attacks : Access Control , Malware ,
Types of Loss : Data Loss , Financial Loss ,
Cause Of Issue : Lack Of Awareness ,
Verticals : Mobile Application ,
July 21,2016

Union Bank was hacked and got its money back

The Union Bank of India hacking was triggered after an employee clicked on a phishing email that released malware into the bank’s servers. The unidentified hacker was attempting to swindle us of $171 million (about Rs1,100 crore at today’s rates) from our Nostro account. The “phishing” mails (phishing is an attempt to obtain sensitive information such as usernames, passwords and other financial details by pretending to be a trustworthy entity) were sent to 15 email IDs. Unfortunately phishing email and clicked on the link which released the malware that went viral on the bank’s servers. The hackers would have got their way and swindled the cash but for a silly mistake they made, according to Shinde.

Types of Attacks : Social engineering , Targeted Attack ,
Types of Loss : Reputation Loss , Financial Loss ,
Cause Of Issue : Lack Of Maintenance , Poor Security Process ,
Verticals : Network ,
August 17,2018

New PHP Code Execution Attack Puts WordPress Sites At Risk

A new exploitation technique could make it easier for hackers to trigger critical deserialization vulnerabilities in the PHP programming language using functions previously considered low-risk. The new technique leaves hundreds of thousands of web applications open to remote code execution attacks, including websites powered by some popular content management systems like WordPress and Typo3. PHP unserialization or object injection vulnerabilities, which could allow an attacker to perform different kinds of attacks by supplying malicious inputs to the unserialize() PHP function, were initially documented in 2009.

Types of Attacks : Malicious Input Control , Malicious Controls ,
Types of Loss : Data Loss ,
Cause Of Issue : Poor Development Practice ,
Verticals : Web Application ,
September 26,2017

Breach At Sonic Drive-In May Have Impacted Millions Of Credit, Debit Cards

The Oklahoma City-based chain Sonic confirmed a possible data breach involving credit cards. "The thing about these data breaches is they're not stopping. We're just going to continue to see them going on into the future," said Kit Letcher with the Better Business Bureau. A security news website reported the possible breach could have led to what they're calling an online "fire sale" involving a long list of stolen credit and debit cards. It's called The Joker Stash and lists millions of cards for sale, many of which had been recently used at Sonic. "What's really scary about it is who's going to take advantage of that and how many times over is your credit card information going to be sold," Letcher said. "What we need to do as consumers is really safeguard our information."
 

Types of Attacks : Data Breach , Social engineering ,
Types of Loss : Financial Loss ,
Cause Of Issue : Lack Of Awareness ,
Verticals : Web Application ,