National Public Data Breach, Pegasus WhatsApp Lawsuit, Hunters International Ransomware using SharpRhino Malware
Nearly Three Billion People’ Personal Data Exposed in Major National Public Data Breach
Hacker group USDoD hacked into background check company National Public Data’s unencrypted systems in April 2024, extracting over 277GB of personal details like names, addresses, SSNs of 2.9 billion people scraped without consent over years. A class action lawsuit was filed for damages for negligence from the company for failing to protect such massive private information. Read more
‘The Biggest Fraud Are All Those Fees’ — Customers Express Fury Over Ticketmaster Data Breach Notification Letters
Ticketmaster notified customers of a ransomware attack which compromised their databases containing names, addresses, credit cards. This led to public outrage on social media as customers questioned paying high convenience fees when their data was not protected by default encryption. Others faced financial losses. The lack of details from Ticketmaster about the breach has further angered customers. Read more
Kadokawa Data Breach Compromises Personal Data of Over 250,000 Individuals
The publishing company Kadokawa revealed a data breach affecting over 254,000 individuals after cyber attackers deployed ransomware within their network systems. The breach occurred after credential phishing of employees enabled access to compromise internal data centers of the subsidiary DWANGO. Stolen information included names, addresses, bank details and education records that were found shared online in some cases. Read more
Judge Rules NSO Group Does Not Need to Provide Additional Witnesses in Pegasus WhatsApp Lawsuit
The judge denied WhatsApp’s request to depose more witnesses from NSO Group in Israel and obtain more documents regarding how Pegasus spyware was used to hack 1,400 users through zero-click exploits on WhatsApp. While WhatsApp argued that testimony from three NSO executives was insufficient to explain full spyware deployment practices, the judge ruled the discovery could be obtained from them. This limits WhatsApp’s ability to uncover further technical details of how the advanced spyware was used in the security breaches. Read more
Top 5 Cyber Scams to Watch Out for in 2024
Cybercriminals are leveraging advances like AI to automate phishing sites, social engineering chats, and phone scams impersonating executives in 2024. From technical support scams aiming to access networks, to fake crypto websites stealing funds, businesses must watch out for evolving threats. By learning how hackers exploit trust through deception with emerging technologies, readers can bolster their organization’s defenses. Read more
Hunters International Ransomware Gang Targets IT Workers with New SharpRhino Malware
The ransomware group Hunters International is targeting IT workers through SharpRhino RAT that spreads via Angry IP Scanner site. It abuses PowerShell to compile payloads for stealth and drops batch files executing scripts that modify the registry, create folders for C2, and allow command execution like launching Calculator. The attackers aim to achieve initial access and escalated privileges on corporate networks through infected IT professionals before deploying ransomware. Read more.
