Brian Krebs reports: In late March 2023, 3CX disclosed that its desktop applications for both Windows and macOS were compromised with malicious code that gave attackers the ability to download and run code on all machines where the app was installed. 3CX says it has more than 600,000 customers and 12 million users in a broad range of industries,…
Category: Business Sector
Russian hackers exfiltrated data from from Capita over a week before outage
Kevin Beaumont writes: Capita have finally admitted a data breach, but still do not think they need to disclose key details of the incident to customers, regulators, impacted parties and investors. So in this piece we shall dig into the details using open source intelligence, and prove Capita was penetrated by Black Basta ransomware group using…
Bits ‘n Pieces (Trozos y Piezas)
Cementos Bío-Bío S.A attacked by BlackByte Cementos Bio-Bio S.A, a Chilean cement company, was added to BlackBye’s leaks site on April 9. DataBreaches found no notice of any incident on the main cbb.cl website, but the cbbexpress.cl customer portal had a notice about interruptions: “At this time we are having intermittencies with our services. If…
Daggerfly Cyberattack Campaign Hits African Telecom Services Providers
Ravie Lakshmanan reports: Telecommunication services providers in Africa are the target of a new campaign orchestrated by a China-linked threat actor at least since November 2022. The intrusions have been pinned on a hacking crew tracked by Symantec as Daggerfly, and which is also tracked by the broader cybersecurity community as Bronze Highland and Evasive Panda….
Capita IT breach gets worse as Black Basta claims it’s now selling off stolen data
Jessica Lyons Hardcastle reports: Black Basta, the extortionists who claimed they were the ones who lately broke into Capita, have reportedly put up for sale sensitive details, including bank account information, addresses, and passport photos, stolen from the IT outsourcing giant. A spokesperson for the London-based corporation, which has UK government contracts totaling £6.5 billion…
Real estate firm OrangeTee & Tie fined for data breach involving 250,000 customers and employees
CNA reports a follow-up to an attack by ALTDOS that was previously reported by DataBreaches: Real estate agency OrangeTee & Tie has been fined S$37,000 by Singapore’s privacy watchdog after the personal data of more than 250,000 customers and employees was compromised. Names, bank account numbers, property transaction amounts, as well as identity card numbers were…