Major cybercrime marketplace, BreachForums, has been taken down by the FBI after the agency seized domains associated with the site.
BreachForums is a key platform used to buy, sell, and exploit stolen data and is notoriously used by well-known cybercrime groups like ShinyHunters.
(–Source: Homeland Security Today
Read More: FBI Seizes BreachForums, Major Cybercrime Marketplace Used by ShinyHunters and Other Threat Groups – HSToday )
Data stolen in a breach on Australian airline, Qantas, has been released online by a cybercrime collective. The compromised information includes the personal information of 5.7 million of the airline’s customers.
The airline has reached out to affected individuals to let them know what information of theirs has been exposed and is urging customers to be wary of calls and emails claiming to be from Qantas.
(–Source: UPI News on MSN
Read More: Qantas hackers release data on 5.7 million customers )
Nine government departments in the UK have had a combined total of more than 700 email address and password combinations exposed online over the past year.
Concerns are arising that, with access to these government domains, the personal data of citizens could be accessed, or critical systems could be targeted. Spokespeople from various departments have spoken up about their security measures and ensured that they are doing everything they can to protect data.
(–Source: The Independent on MSN
Read More: Hundreds of passwords linked to government departments leaked on dark web )
Harvard University was targeted in the recent cybercrime campaign aimed at customers of Oracle’s E-Business Suite (EBS). The university is the first confirmed victim of this attack after it was listed on the Cl0p data leak website.
Allegedly, over 1.3TB of Harvard’s data has been made available by the hackers responsible. Investigation is currently ongoing but it’s believed that the leak only involves “a limited number of parties associated with a small administrative unit.”
The attack likely targeted many more organizations along with Harvard, and involved the exploitation of zero-day vulnerabilities along with malware.
(–Source: Security Week
Read More: Harvard Is First Confirmed Victim of Oracle EBS Zero-Day Hack – SecurityWeek )
Online customers of Canadian Tire Corp, SportChek, Mark’s/L’Equipeur, and Party City may have had their personal information compromised in a data breach earlier this month.
The attack involves online customers with e-commerce accounts at these retailers and may have exposed personal information involving names, addresses, contact information, birth years, encrypted passwords, and partial credit card numbers.
Following the incident, Canadian Tire Corp fixed the vulnerability and is actively working to improve security to avoid future incidents.
(–Source: Global News
Read More: Canadian Tire says recent data breach may have hit online shoppers’ info – National | Globalnews.ca )
Seattle-based cybersecurity provider F5 has revealed that state-sponsored hackers gained access to its systems and stole data in August of this year.
The company contained the breach, but the hackers managed to achieve long-term, persistent access to certain systems and exfiltrate files containing BIG-IP source code and undisclosed vulnerabilities that are being worked on.
Certain federal networks use F5 devices and software, which has lea CISA to voice concern about imminent threats to these networks. F5 is investigating the incident with the help of cybersecurity professionals and is working on improving internal security.
(–Source: PC Mag on Yahoo! News
Read More: ‘Imminent Threat’: Nation-State Hackers Hit Cybersecurity Provider F5 )
