Wymondham College became the latest educational institution to fall victim to an advanced cyberattack. While we keep harping on the dangers of misconfigured databases, a huge aviation company was found leaking its confidential data in a similar fashion. Fret not, the database has been secured. In another vein, U.S. citizens lost billions to online scammers last year, revealed the FBI. Here are the top 10 highlights from the past 24 hours.
01
U.K’s largest state boarding school, Wymondham College, disclosed suffering a sophisticated cyberattack that affected its access to a few resources and files.
02
Safran Group, a France-based multinational aviation firm, was found exposing sensitive data owing to a misconfigured database. The data included the Laravel app key, JSON web token key, MySQL credentials, and SMTP credentials for the “no-reply” email.
03
Proofpoint observed multiple new phishing campaigns, including BEC attacks, leveraging the news of Silicon Valley Bank (SVB) collapse, tricking customers into stealing their cryptocurrency.
04
Russian state-sponsored threat actor Nobelium was identified to be responsible for attempted cyberattacks on EU diplomatic entities and government agencies, in a campaign earlier this month.
05
The FBI, in a new report, stated that Americans lost over $10 billion to online scammers in 2022, recording over 800,000 complaints over the year.
06
New report by Akamai revealed that around 10–16% of organizations had DNS traffic originating from their networks toward C2 servers associated with known botnets and various other malware threats in every quarter of 2022.
07
The ALPHV ransomware gang claimed to have conducted a successful attack on Amazon-owned Ring home security company and is now threatening to publish its sensitive data.
08
A new hacker group, named YoroTrooper, was found targeting European nations and organizations in a cyberespionage campaign that started in June 2022.
09
ESET researchers attributed the Tick cyberespionage group to a compromise of an East Asian Data-Loss Prevention (DLP) company catering to military and government entities.
10
New data by Cloudflare highlighted that threat actors were most successful in their phishing attempts by impersonating brands of financial institutions, telecoms firms, and popular tech companies in 2022.
