Threats posed by ransomware are not only dangerous but also oddly baffling. Having said that, the lesser-known Zeppelin ransomware has come back to life after lying dormant for a short period. A new version of the ransomware has been making the rounds on a hacker forum, offering cybercriminals in the ransomware business a new way to encrypt more data.
Updates on the two-year-old CryptoCore heist have come to light in the last 24 hours. Researchers attributed the attacks to the North Korean Lazarus threat actor group. The campaign started in 2018 and relied on spear-phishing attacks to gain an initial foothold.
Top Breaches Reported in the Last 24 Hours
Updates on CryptoCore heist
New research reveals that the North Korean Lazarus threat actor group is behind CryptoCore’s multimillion-dollar cryptocurrency heists. The campaign had started in 2018 and relied on spear-phishing attacks to gain an initial foothold.
Bergen Logistics exposes data
A database belonging to Bergen Logistics remains exposed for public access without any security authentication. It includes 467,979 records, all relevant to shipments and customers. The records contain names, addresses, order numbers, and email addresses of customers.
The leak of personal data
Indonesia’s government has admitted to the leak of personal data linked to millions of citizens on the RaidForums dark web market. The data was stolen from a national health insurance scheme
Badan Penyelenggara Jaminan Sosial (BPJS).
Top Malware Reported in the Last 24 Hours
Zeppelin ransomware enhanced
Zeppelin ransomware has returned with a new version after a long period. Researchers claim that the new variant was available on a hacker forum at the end of last month. It includes new features to increase the stability of the encryption.
Top Vulnerabilities Reported in the Last 24 Hours
Details about flaws disclosed
Technical details of 13 vulnerabilities found in the Nagios network monitoring application have been disclosed by researchers. The flaws can be exploited by threat actors to hijack the targeted infrastructure. The most severe of these is tracked as CVE-2020-28648 and is related to an improper input validation issue.