Amazon confirmed a data breach involving employee information after data allegedly stolen during the May 2023 MOVEit attacks was leaked on a hacking forum. The threat actor behind this data leak, known as Nam3L3ss, published over 2.8 million lines of Amazon employee data, including names, contact information, building locations, email addresses, and more. Amazon spokesperson Adam Montgomery confirmed Nam3L3ss' claims, adding that this data was stolen from systems belonging to a third-party ser
aws (6)
A criminal operation called Emeraldwhale has been discovered after it dumped more than 15,000 credentials belonging to cloud service and email providers in an open AWS S3 bucket, according to security researchers. The unknown data thieves embarked on a "massive scanning campaign" between August and September, looking for servers with exposed Git configuration and Laravel environment files. "This campaign used multiple private tools that abused multiple misconfigured web services, allowing atta
The Sentinel Labs blog has provided the following stories:
* Interpol-Led Operation Cracks Down on West African Cybercrime Syndicates - Operation Jackal III was a month-long law enforcement effort that involved 21 countries. This week, Interpol reported some 300 arrests, the identification of over 400 suspects, 720 blocked bank accounts, and the seizure of $3 million in illicit funds, all to dismantle multiple criminal networks globally. Among the affected crime syndicates, Black Axe has been a
A new phishing campaign has been observed delivering Remote Access Trojans (RATs) such as VCURMS and STRRAT using a malicious Java-based downloader. The attackers stored malware on public services like Amazon Web Services (AWS) and GitHub, employing a commercial protector to avoid detection of the malware. An unusual aspect of the campaign is VCURMS' use of a Proton Mail email address ("sacriliage@proton[.]me") for communicating with a command-and-control (C2) server.
The attack chain commences
Security researchers recently uncovered close to 4,000 unique secrets inside nearly 3,000 PyPI packages (https://pypi.org) and say that more than 760 of these secrets were found to be valid. Overall, the researchers identified 151 individual types of secrets, including AWS, Azure AD, GitHub, Dropbox, and Auth0 keys, credentials for MongoDB, MySQL, and PostgreSQL, and SSH, Coinbase, and Twilio Master credentials.
Valid credentials pose a critical and immediate threat to organizations, as
Activity Summary - Week Ending 28 August 2020:
- Fairdeal Furniture LTD, located in Mombasa, Kenya, is still keylogged
- Red Sky Alliance observed 26 unique email accounts compromised with Keyloggers
- Analysts identified 68,495 connections from new unique IP addresses
- Red Sky Alliance identified 3,148 new IP addresses participating in various Botnets
- Team TNT targeting AWS using Kinsing variant
- Maze Ransomware
- US SBA Loan Relief Phishing Campaign
- Oil prices remain somewhat stagnant – even with Hurrica