Top Breach Incidents Reported in the Last 24 Hours
Slovak Foreign Ministry breached
Recently, Slovak Foreign and European Affairs Ministry was hit by a massive-scale cyber-attack. This attack was uncovered due to the non-standard behavior of the computers. The attackers carried out this campaign with the goal of filtering sensitive data and then transferring them to servers abroad. Slovak PM ensured that an investigation is ongoing and they’ll be investing more in cyber defenses.
Millions of voter info leaked
A misconfigured AWS S3 bucket operated by the Tea Party Patriots Citizens Fund (TPPCF) leaked info of over 527,000 voters. As a result, names, contact numbers, states of residence, and voter ID numbers of thousands of people got compromised. The exposed data also includes strategy documents, call scripts, marketing assets, and other files revealing a focused effort to politically mobilize US voters. Attackers can not only read the files but also can modify them.
Top Malware Released in the Last 24 Hours
MartyMcFly malware campaign
A new cyber-attack campaign was carried out against the Italian Naval industry where the MartyMcFly malware was used. The campaign started with a well-crafted email, detailing spare parts matching the real engine parts. It targeted the right office asking for naval engine spare parts prices. Two malicious email attachments were used. The first one was a company profile, aiming to present the company who was asking for spare parts. The 2nd one was a Microsoft.XLSX where the list of the needed spare parts was available. The attacker asked for a quotation of the entire spare part list available on the spreadsheet.
GandCrab developers released decryption keys
The GandCrab developers have released the decryption keys for Syrian victims in an underground hacking and cybercrime forum. This initiative was taken in response to a Tweet where a Syrian victim asked for help after photos of his deceased children were encrypted. The release includes keys for GandCrab version 1.0.0 through 5.0 and each line contains the victim ID, version, and decryption key.