Darkworldhacker Daily Cybersecurity Roundup, March 10, 2022
Updated: Mar 11, 2022
Back-to-back breach claims by the Lapsus$ ransomware group have various industries worried. Now, a renowned telecom giant may have lost gigabytes of source code to hackers. Meanwhile, a multispecialty clinic in Alabama sent a vague leak notice to hundreds of thousands of patients. Also, read about how a pair of new ransomware threats are impacting the cybersecurity space. Continue to scroll to find out other key highlights from the last 24 hours.
Lapsus$ group claimed to have obtained nearly 200GB of source code files from Vodafone. The data allegedly represents about 5,000 GitHub repositories.
Alabama-based Norwood Clinic disclosed a breach impacting 228,103 patients. The investigation could not find what type of data may have been accessed by the unauthorized third party.
Trend Micro reported about a new ransomware threat dubbed Nokoyawa, which has striking similarities to the Hive group. Its targets were found in South America, primarily in Argentina.
Website Planet estimated that at least nine out of 10 Russian cloud databases have been compromised by the Pro-Ukraine forces. Adversaries are wiping off data, renaming files, and exfiltrating data for future attacks.
Iranian MuddyWater APT is behind a new series of attacks targeting Turkey and the Arabian Peninsula. The espionage group deploys SloughRAT, capable of executing arbitrary code and commands received from its control infrastructure.
Sophos warned against the Qakbot botnet that is spreading through email thread hijacking. Their reply includes a short sentence and a link for a ZIP file containing a malicious Office document.
Security experts unveiled a suspected ransomware attack targeting a gambling firm. According to them, the actors employed open-source utilities as well as customized tools typically used by APT groups.
The U.K’s NCSC released new guidance for data center owners and users to help them secure customer data and related operations as the geopolitical situation worldwide intensifies.
Threat intelligence feed provider Cybersixgill raised $35 million in Series B round led by More Provident and Pension Funds and REV Venture Partners. Other investors also participated in the round.
Minnesota-based HelpSystems agreed to acquire Alert Logic, a provider of MDR services. The terms of the agreement were not disclosed.