This Week In Cybersecurity: 26th to 30th May, 2025

"Cybersecurity threats escalate as ransomware attacks target major organizations, exposing sensitive data and highlighting vulnerabilities in systems across various industries. Stay informed."

    RE/MAX Targeted by Medusa Ransomware in Alleged 150GB Data Breach

    Medusa ransomware claims to have breached RE/MAX, demanding $200,000 to prevent the release of 150GB of sensitive data. The hackers published sample files showing full names, commission summaries, and internal documents. They issued an 18-day deadline for payment. Although much of the data appears publicly accessible, risks of identity theft and financial fraud remain, particularly if more sensitive information is included in the full dataset.

    German Cybersecurity Agency Flags Critical Windows Server 2025 Flaw Enabling Domain Takeover

    Germany’s BSI has issued a warning about a critical flaw in Windows Server 2025 related to delegated Managed Service Accounts (dMSA). Researchers identified the vulnerability, named “BadSuccessor,” allowing unauthorized users to control entire domains without verification. While Microsoft rated the issue as moderate, BSI rated it 9.9 out of 10. No patch has been released, prompting calls for organizations to restrict dMSA permissions and audit configurations.

    1.6 Million Customer Emails Exposed in Etsy and TikTok Shop Data Leak

    A misconfigured Azure storage bucket leaked over 1.6 million customer emails from Etsy and TikTok Shop. The exposure included sensitive information such as full names, addresses, and order details. The leak was traced back to a Vietnam-based embroidery service operating multiple storefronts. Threat actors could exploit this data for phishing attacks and social engineering scams. The lack of authentication on the bucket allowed for open access to sensitive email confirmations.

    Everest Ransomware Targets Jordan Kuwait Bank in Alleged Data Breach

    Everest ransomware claims to have breached Jordan Kuwait Bank, exfiltrating 11.7GB of sensitive internal data, including details of 1,003 employees. The hackers set a ransom deadline for May 31. Screenshots of employee records, including names, job titles, and bank account details, were shared as proof. Cybersecurity experts warn that this breach could facilitate identity theft and targeted phishing campaigns, posing significant operational security risks for the bank.

    Chaos Ransomware Claims Attack on Global Charity Giant Salvation Army

    Chaos ransomware has claimed responsibility for a cyberattack on the Salvation Army, threatening to leak sensitive data unless demands are met. Although the specific data type remains undisclosed, the group has publicly warned of an imminent release. Founded in 1865, the Salvation Army operates globally, and the breach could lead to serious implications for data governance and security within the nonprofit sector.

    Alleged AT&T Data Breach Exposes 31 Million Records

    A hacker group claims to have leaked 31 million AT&T customer records, including personal details such as tax IDs and IP addresses. However, researchers have been unable to confirm the breach due to a limited sample size. The potential exposure raises significant risks for identity theft and financial fraud. AT&T has not yet commented on the allegations, and the ongoing activity from the attacker suggests more data may be released soon.

    Russian Espionage Group ‘Laundry Bear’ Hacks Dutch Police and NATO-Aligned Targets

    The Dutch intelligence services have linked a new Russian hacking group, Laundry Bear, to cyberattacks on NATO entities and the Dutch police. The group successfully breached the police network, obtaining sensitive data, including the Global Address List. Researchers indicated that the attacks involve credential theft and exploitation of cloud platforms. The group’s activities pose serious risks to military and diplomatic operations within NATO countries.

    Firmware and Bootloaders Under Attack as Hackers Target Pre-OS Environments

    Hackers are increasingly targeting firmware and bootloaders to exploit pre-OS vulnerabilities. Attacks utilize bootkits such as BlackLotus and BootHole, which can bypass Secure Boot protections. These vulnerabilities allow attackers to maintain persistence and evade detection by loading malware before the operating system initializes. Experts emphasize the need for robust security measures, including up-to-date signature policies and firmware restoration, to combat these sophisticated threats.

    Everest Ransomware Gang Targets $5.4B Global Hospital Group Mediclinic

    The Everest ransomware group has targeted Mediclinic, claiming to have stolen 4GB of internal data involving 1,000 employees. The group demands ransom to prevent the public release of the data. Although Mediclinic has not confirmed the breach, the exposure of internal documents could lead to identity theft and further attacks on the hospital group’s systems. The attack underscores the growing trend of ransomware targeting critical healthcare infrastructure.

    Coca-Cola Data Breach: Employee Details Leaked After Ignored Ransom Demand

    The Everest ransomware group has leaked Coca-Cola employee data after the company failed to respond to ransom demands. The breach includes sensitive documents such as passport scans and government IDs of 959 employees, primarily from the Middle East operations. This exposure raises serious risks of identity theft and fraud. The ongoing attacks highlight the vulnerability of large corporations to ransomware threats.

    Rhysida Ransomware Gang Claims Cyberattack on Brazilian Chevrolet Retailer

    The Rhysida ransomware group has claimed responsibility for a cyberattack on a Brazilian Chevrolet retailer, reportedly stealing sensitive customer and operational data. The group has threatened to publish the data unless a ransom is paid. The incident highlights the ongoing trend of ransomware attacks targeting automotive and retail sectors, emphasizing the need for enhanced cybersecurity measures in these industries.

    Coinbase Faces Investor Lawsuit After Data Breach Exposes 69,000 Customers

    Coinbase is facing a lawsuit after a data breach exposed personal information of approximately 69,000 customers. The incident involved unauthorized access through a third-party vendor, raising concerns about the security of customer data in cryptocurrency exchanges. The lawsuit highlights the potential legal and financial repercussions for companies that fail to adequately protect user information.

    Global Data Breach Exposes 184 Million Credentials from Major Tech and Government Platforms

    A significant data breach has exposed 184 million user credentials from various tech and government platforms. This incident underscores vulnerabilities in data security practices across multiple sectors. The breach raises alarms about the potential for identity theft and unauthorized access to sensitive information, prompting calls for immediate action to enhance cybersecurity protocols.

    Healthcare Data Breaches Hit Providers in Four U.S. States Impacting Over 60,000 Individuals

    Recent cyberattacks on healthcare providers across four U.S. states have compromised data for over 60,000 individuals. The breaches involved unauthorized access to patient records and personal information, raising significant concerns about patient privacy and security. Healthcare organizations are urged to strengthen their cybersecurity measures to protect sensitive data from increasing threats.

    U.S. and Allies Release Security Guidance to Protect AI Models from Tampering and Exploitation

    The U.S. government and its allies have issued new security guidance aimed at protecting artificial intelligence models from tampering and exploitation. The recommendations focus on securing AI systems against adversarial attacks and unauthorized modifications, emphasizing the importance of robust security protocols in the evolving landscape of AI technology.

    Adidas Confirms Third-Party Data Breach Exposing Global Customer Information

    Adidas has confirmed a third-party data breach that has exposed sensitive customer information. The breach involved unauthorized access to customer data through a vendor’s platform, prompting concerns about data security practices in retail. Adidas is working to assess the extent of the breach and mitigate any potential risks to customer information.

    Cetus Protocol Hit by $223 Million Cryptocurrency Heist; $5M Bounty Offered

    The Cetus Protocol has fallen victim to a major cryptocurrency heist, resulting in a loss of $223 million. The attackers have offered a $5 million bounty for information leading to the recovery of the stolen funds. This incident highlights the vulnerabilities associated with decentralized finance platforms and the increasing risks in the cryptocurrency landscape.

    Qilin Ransomware Gang Targets Luxury Jet Firm Elit Avia; Leaks Staff Documents

    The Qilin ransomware group has targeted luxury jet firm Elit Avia, leaking sensitive staff documents online. The attack underscores the growing trend of ransomware groups focusing on high-value targets within specialized industries. The leaked information poses significant risks to the privacy and security of affected employees.

    Operation Endgame Dismantles 300 Servers in Global Ransomware Infrastructure Crackdown

    Operation Endgame has successfully dismantled 300 servers associated with global ransomware operations. This coordinated effort by law enforcement agencies aims to disrupt ransomware infrastructure and reduce the impact of cybercrime. The operation highlights the ongoing battle against ransomware and the importance of international collaboration in addressing cyber threats.

    Ransomware Attack on Kettering Health Forces Mass Procedure Cancellations and Exposes Patient Safety Risks

    A ransomware attack on Kettering Health has resulted in mass procedure cancellations and raised serious patient safety concerns. The breach has compromised access to critical health records, underscoring the vulnerabilities facing healthcare institutions in the face of cyber threats. The incident emphasizes the urgent need for robust cybersecurity measures within healthcare systems.


    Podcasts

    Systemd as a Weapon: How PumaBot Exploits Linux Persistence

    The podcast discusses how PumaBot leverages systemd for persistence in Linux environments. It highlights the techniques used by attackers to maintain control over compromised systems, emphasizing the importance of understanding these methods for effective defense strategies.

    Ransomware Hits MathWorks: Week-Long Outage Disrupts Millions

    This episode covers the ransomware attack on MathWorks that caused a week-long outage. The discussion includes the impact of the attack on operations and the subsequent recovery efforts, shedding light on the vulnerabilities faced by software companies.

    Zscaler Acquires Red Canary: What It Means for AI-Powered Security Operations

    The podcast analyzes Zscaler’s acquisition of Red Canary, exploring the implications for AI-driven security operations. It discusses how this merger aims to enhance threat detection capabilities and improve overall cybersecurity strategies for organizations.

    DragonForce Breaches MSPs via SimpleHelp Flaws: Inside CVE-2024-57726

    This episode delves into the DragonForce breaches affecting managed service providers through SimpleHelp vulnerabilities. It examines the technical details of the exploits and the security implications for affected organizations.

    Fentanyl, Firearms, and $200M in Crypto: Dark Web Crime Meets Global Law Enforcement

    The podcast discusses the intersection of dark web crime involving fentanyl and firearms, alongside a $200 million cryptocurrency heist. It covers law enforcement’s response and the ongoing challenges in combating cybercrime.

    Marlboro-Chesterfield Pathology Ransomware Breach: 235,000 Patients Affected

    This episode covers the ransomware breach affecting Marlboro-Chesterfield Pathology, which impacted 235,000 patients. It discusses the consequences of the breach and the importance of safeguarding patient data in healthcare.

    How Infostealers Like Stealc Use TikTok Accounts to Exfiltrate Stolen Data

    The podcast examines how infostealers, such as Stealc, exploit TikTok accounts for data exfiltration. It highlights the methods used and the implications for data security across social media platforms.

    The Great Screenshot Scandal: Microsoft Recall and Signal’s DRM Shield

    This episode discusses the controversies surrounding Microsoft’s Recall and Signal’s DRM shield. It explores the security implications of these technologies and their impact on user privacy.

    Bumblebee Malware Returns: IT Pros Targeted Through SEO Poisoning and Typosquatting

    The podcast highlights the resurgence of Bumblebee malware, targeting IT professionals through SEO poisoning and typosquatting techniques. It discusses the evolving tactics used by cybercriminals to compromise systems.

    FBI Warns of Luna Moth Tactics: Inside the Silent Ransom Groups’ Law Firm Attacks

    This episode covers FBI warnings regarding Luna Moth tactics used in law firm attacks by silent ransomware groups. It details the methods employed and the implications for legal organizations facing cyber threats.
