Meta Fined $263.5m Over Data Breach, 390,000 Wordpress Sites Hacked, and More

Meta Fined $263.5m Over Data Breach in Europe

Meta has been fined €263.5 million by Ireland’s Data Protection Commission for GDPR violations linked to a 2018 data breach affecting millions of Facebook users. The investigation revealed insufficient transparency in Meta's data processing practices, particularly regarding user consent for behavioral advertising. The DPC found that users were not adequately informed about the extent of data use. Read more

390,000 WordPress Accounts Hacked by MUT-1244 in Supply Chain Attack

Over 390,000 WordPress credentials were stolen in a year-long supply chain attack by the MUT-1244 group. Attackers exploited trojanized GitHub repositories and phishing campaigns, using zero-day vulnerabilities. The theft included SSH and AWS keys, enabling extensive access to compromised networks. The group utilized backdoored configuration files and malicious npm packages to facilitate data exfiltration. Read more

Rhode Island RIBridges Data Breach: Ransomware Attack Poses Imminent Data Leak Threat

A ransomware attack on Rhode Island's RIBridges system exposed sensitive data of thousands, including names and Social Security numbers. The attack, reported on December 14, led to a state of emergency. Governor McKee warned that data might be released imminently. Affected individuals were advised to monitor accounts and change passwords, while the state offers credit monitoring services. Read more

Cleo Data Theft: Clop Ransomware Gang Takes Credit for Attack

The Clop ransomware group has claimed responsibility for data theft from Cleo's file transfer platforms. They exploited zero-day vulnerabilities, including CVE-2024-50623, to gain unauthorized access and upload a backdoor. This breach allowed extensive data theft and lateral movement within networks. Clop announced they would delete sensitive government data but continues targeting new victims. Read more

Turla Ransomware: Analysis of the Russian APT

The Turla ransomware group, associated with Russian APT activity, employs sophisticated techniques to compromise networks and exfiltrate sensitive data. Recent analysis reveals their use of advanced malware and zero-day vulnerabilities, particularly targeting governmental and military organizations. Their tactics include exploiting unpatched software and utilizing social engineering strategies to gain initial access. Read more

Texas Tech University Data Breach Exposes Data of 1.4 Million Patients

A cyberattack on Texas Tech University Health Sciences Center exposed 1.4 million patients' sensitive data, including personal and medical information. The breach occurred in September, with unauthorized access confirmed in December. The Interlock ransomware group claimed responsibility. The university is notifying affected individuals and offering credit monitoring services. Read more

Veeam License Renewal Can Qualify You for Protect Plus Plan

Introducing our Certified Enterprise Protect plus Plan for every Veeam Renewal due within next 6 months. This plan includes comprehensive planning, Monitoring, Testing, upgrade, optimization, training, Audit, Review and development of your Backup & Disaster Recovery policy and procedures plus best Immutable and Air-gapped security against Ransomware. Every Veeam Renewal can also qualify you for remarkable $500 discount off the list price on any new purchase of StoneFly Immutable and Air-Gapped Veeam Backup Appliance.  

For details, contact us.