B2B cyber security

Companies: Every third attack involves stolen account data

7 April 2025

Freshly stolen account credentials are increasingly being used by cybercriminals for attacks. According to Kaspersky analysis, legitimate accounts represented the initial attack vector in 31 percent of security incidents last year, compared to just 20 percent the previous year—a sharp increase. This trend indicates that companies are increasingly becoming targets of initial access brokers (IABs), which sell stolen credentials on the dark web, enabling follow-up attacks. Cybercriminals particularly benefit from IABs in activities related to ransomware-as-a-service (RaaS). According to Kaspersky data, the accounts of victims were often previously compromised. This shows that the leaked credentials…

DDoS attacks against X

6 April 2025

| No comments

| Short news

Messenger X (formerly Twitter) suffered multiple outages due to DDoS attacks, affecting many users worldwide. Elon Musk himself attributed this to a "massive cyberattack" and suspected the involvement of a large, coordinated group. Meanwhile, Check Point Research (CPR) found that the hacker gang Dark Storm Team, a pro-Palestinian cyberattack group specializing in DDoS (Distributed Denial of Service) attacks, is back in action after a period of inactivity. Their primary targets are Western entities, including organizations in the US, Ukraine, the United Arab Emirates (UAE), and Israel. In recent…

Oracle: Hacker claims to have stolen 6 million data records

5 April 2025

| No comments

| Short news

While Oracle remains silent about the data offered on the dark web, the first customers have reportedly confirmed the authenticity of the data sets. The alleged leak is said to contain 6 million data records and even encrypted passwords. According to the portal Bleepingcomputer, a hacker calling himself "rose87168" claims to have compromised the Oracle Cloud and stolen data from 6 million users. This data allegedly includes encrypted passwords, LDAP entries, and authentication information. Although Oracle officially denies that such an incident has occurred, several companies have reportedly already confirmed the authenticity of the…

Darknet: 270.000 Samsung customer records surfaced

4 April 2025

| No comments

| Short news

Approximately 270.000 Samsung customer records have surfaced on the dark web. They reportedly contain names, addresses, email addresses, and phone numbers, as well as information on device specifications. An article on cyberinsider.com highlights a serious data breach in which sensitive customer data from Samsung Germany was exposed through a security vulnerability. It explains that the incident was caused by an infection with the Raccoon Infostealer malware, which had already compromised the login credentials of an employee of Spectos GmbH in 2021. Spectos is a service provider that manages Samsung's customer service ticket system. The stolen credentials remained unchanged for years, making it…

APT group BlackLock becomes victim of a cyberattack

3 April 2025

| No comments

| Short news

Security experts at Resecurity have discovered a vulnerability in the infrastructure of the BlackLock ransomware group. They used this to infiltrate the group and gain access to configuration files, credentials, and the history of commands executed by the attackers. The BlackLock ransomware group is also known as "El Dorado" or "Eldorado." Since its first activity in March 2024, this group has evolved into one of the most dangerous threats in the field of cybercrime. Its attacks saw an impressive increase of 2024 percent in the last quarter of 1.425. BlackLock has identified companies from the…

Juniper Networks routers in the spotlight

2 April 2025

| No comments

| Short news

After a months-long investigation dating back to mid-2024, Mandiant is publishing its findings on a covert espionage campaign by a China-linked actor (UNC3886), which deployed custom malware on decommissioned Juniper Networks Junos OS routers. Mandiant worked with Juniper Networks to investigate UNC3886's activities and found that the affected Juniper MX routers targeted by the group were running outdated hardware and software. The custom malware samples used by UNC3886 demonstrate that the threat actor has extensive knowledge of far-reaching system internals. Mandiant recommends...

Cyber attackers attempt to divert unemployment benefits

1 April 2025

| No comments

| Short news

Cyberattackers: Many unemployed user accounts were hacked, and new account details were entered so that further payments could be redirected to the attackers' accounts. The problem: MFA is still not mandatory. The Federal Employment Agency (BA) emphasizes in its announcement that its systems are not affected by the hacks, but rather the customers' accounts. However, the agency is responding and is now restricting the use of the BA's online accounts. Customers are currently unable to change their address and account details online in the eServices. This is due to unauthorized third-party access to...

SuperBlack Ransomware exploits Fortinet vulnerability

March 31, 2025

| No comments

| Short news

In January 2025, Arctic Wolf Labs reported suspicious activity on Fortinet FortiGate firewall devices. On January 14, Fortinet published confirmation of a zero-day vulnerability affecting FortiOS and FortiProxy products, designated CVE-2024-55591. On February 11, the company confirmed another vulnerability, designated CVE-2025-24472. The new SuperBlack ransomware exploits the latter Fortinet vulnerability to bypass authorization, as recently reported. "Threat actors are always looking for new 'revenue streams,' and the Fortinet vulnerabilities are an example of the risks organizations face from unpatched vulnerabilities. In…

Cyber attacks: One-third last longer than a month

March 30, 2025

| No comments

| Kaspersky, Short news

According to a study, 35 percent of cyberattacks on companies last year lasted longer than a month. The median attack duration was 253 days. These findings come from Kaspersky's Global Incident Response 2024 Report. 69 percent of companies in Germany were affected by at least one cybersecurity incident last year, and 31 percent were affected multiple times. A recent analysis by Kaspersky now shows that such attacks could not be quickly detected or stopped. According to the study, long-running cyberattacks lasted a median of 2024 days in 253, with 35 percent…

Ransomware: The new heirs of LockBit & Co.

March 29, 2025

| No comments

| Short news

The ransomware gang RansomHub is taking over the criminal legacy of LockBit and others. New connections are emerging between previously rival groups, and new attack tools are circulating, according to ESET experts. In a recent analysis of the ransomware landscape, ESET experts demonstrate that existing APT groups are reorganizing and also taking over the legacy of LockBit and others. The analysis focuses on the RansomHub group, which has quickly become the dominant force among so-called Ransomware-as-a-Service (RaaS) providers. RansomHub apparently emerged after international law enforcement measures investigated the activities…

Category: Short News

Companies: Every third attack involves stolen account data

DDoS attacks against X

Oracle: Hacker claims to have stolen 6 million data records

Darknet: 270.000 Samsung customer records surfaced

APT group BlackLock becomes victim of a cyberattack

Juniper Networks routers in the spotlight

Cyber attackers attempt to divert unemployment benefits

SuperBlack Ransomware exploits Fortinet vulnerability

Cyber attacks: One-third last longer than a month

Ransomware: The new heirs of LockBit & Co.

Which user group do you belong to? (No tracking!)

Important links

Latest Articles & News

It was searched for

Social Media