Boeing Hacked! 12 Million Indian Patients Records Publicly Exposed, UPI Service Provider Exploited by Chinese Scammers- Find More
We are yet again back with this week's new edition of Threat Digest, bringing you some of the most intrusive bytes across the threat landscape curated by our team at Secure Blink Threat Intel Lab.
Chinese Scammers Draining Money Exploiting India's UPI Services Providers.
Security researchers have uncovered a sophisticated cybercrime operation primarily targeting India's real-time mobile payment system, the Unified Payments Interface (UPI). The scammers initiate their operation by creating counterfeit instant loan apps that promise substantial loans with flexible repayment terms. These apps are often disguised as legitimate financial institutions, further deceiving victims.
Iranian Group Tortoiseshell Launches New Wave of IMAPLoader Malware Attacks.
Yellow Liderc, also known as Imperial Kitten, Tortoiseshell, TA456, and Crimson Sandstorm, has caused concern since 2019. This Iran-based threat actor has consistently targeted a wide range of industries and regions, including maritime, shipping, logistics, nuclear, aerospace, defense, and IT-managed service providers. In their latest campaign between 2022 and 2023, Yellow Liderc has demonstrated a new level of sophistication through strategic web compromises and the deployment of a .NET malware called IMAPLoader.
7 TB Database Publicly Exposes 12 Million Patients of India's Redcliffe Labs.
Millions of patients' records were reportedly exposed from one of India's popular medical diagnostic company, Redcliffe Labs, in what is known to be a massive data breach. This was brought to us following the discovery made by a security researcher, Jeremiah Fowler, in his recent investigation, revealing a non-password-protected database belonging to the company. This database contained a staggering 12,347,297 records, comprising a diverse range of highly sensitive patients' personally identifiable information, including medical diagnostic scans, test results, and other confidential medical records.
New Jersey Bank Hit by MOVEit Transfer Attack, Exposing Credit Card Data.
领英推荐
Credit card numbers were leaked along with other sensitive data, as the New Jersey-based bank joins the list of those affected by the MOVEit Transfer attacks.
23andMe's DNA Relatives Feature Temporarily Disabled Following Data Breach.
Following the critical breach of many genetic data, 23andMe yet again surfaced with a new breach of its DNA Relatives feature, allowing its customer to compare ancestry information with users worldwide. While it has raised grave concerns like always, as hackers advertised the stolen data on an online forum.
Boeing Hacked! Lockbit Ransomware Threatens to Leak if no Ransom on Time.
Boeing Company, with a staggering annual revenue of $66.61 billion and a workforce comprising 156,000 employees (as of 2022), has been allegedly targeted by the LockBit ransomware group. This claim poses a security concern and demands immediate attention, given LockBit's status as one of the most active ransomware groups worldwide. This breach, declared on the group's dark web leak site, stipulates a substantial amount of sensitive data being held for ransom.
That's a wrap for this week's Threat Digest until next time with a brand new edition.
Experience the New Dimension of Application Security with Threatspy
Stay tuned for more insightful updates on #cybersecurity.
Have a secure weekend!