VK Data Leak, Voldemort Malware Abusing Google Sheets, DICK’S Sporting Goods Cyberattack and more.
VK Data Leak Exposes 390 Million Users: HikkI-Chan Strikes Again
HikkI-Chan leaked personal information of over 390 million VK users Sources are claiming that the breach resulted from a second-order breach via a third-party source. The exposed data includes names, cities, countries, and profile image URLs, but not passwords. VK denies direct server breaches, stating the data was publicly available. Read more
Voldemort Malware: A New Threat Abusing Google Sheets for Data Exfiltration
A new malware named “Voldemort” has emerged, targeting organizations globally. It exploits a multi-stage attack involving phishing emails disguised as tax communications, leading victims to deceptive landing pages. Upon clicking, a malicious Python script executes, collecting system data while displaying a decoy PDF. Notably, Voldemort uses Google Sheets for command and control, facilitating data exfiltration and remote command execution. Read more
DICK’S Sporting Goods Cyberattack Shuts Down Email and Locks Employee Accounts
DICK’S Sporting Goods faced a cyberattack on August 21, 2024, resulting in unauthorized access to confidential information. In response, the company activated its cybersecurity plan, shutting down email systems and locking employee accounts to contain the breach. Employees were restricted from accessing systems, with IT manually validating identities. The incident has been reported to law enforcement, and the full impact is still under assessment. Read more
TfL Cyberattack: Transport for London Under Attack
Transport for London (TfL) is investigating an ongoing cyberattack but assures no impact on services. TfL started immediate containment measures, with no evidence of customer data compromise. TfL has engaged with the National Crime Agency and the National Cyber Security Centre to manage the incident. The situation underscores the vulnerability of critical infrastructure to cyber threats and highlights the importance of robust security practices. Read more
What is a DDoS Attack – A Complete Guide
DDoS attacks disrupt services by overwhelming targets with traffic, utilizing botnets of compromised devices. Key types include application layer, protocol, and volumetric attacks. Effective mitigation requires multi-faceted strategies like rate limiting and web application firewalls. Understanding DDoS threats is essential for businesses to protect their online presence. This comprehensive guide explores DDoS attacks, detailing their mechanics, types, and mitigation strategies. Stay informed and secure your operations. Read more
CBIZ Discloses Data Breach Affecting Nearly 36,000 Individuals
CBIZ reported a data breach impacting nearly 36,000 individuals, caused by a vulnerability on its web page between June 2 and June 21, 2024. The breach exposed sensitive personal information, including names, Social Security numbers, and health information. Although no misuse of data has been confirmed, affected clients are being notified and offered credit monitoring services. Read more
