New #AtlantisAIO platform automates credential stuffing on 140 services
Hey #CyberSecurity pros! 👋 Ready to dive into the latest threats and breaches making headlines?
Our latest blog post is packed with need-to-know info to keep you ahead of the curve.
🗞️ https://opalsec.io/daily-news-update-thursday-march-27-2025-australia-melbourne/
Here's a quick rundown of what's inside:
🕵️♂️ FamousSparrow's Return: The Chinese government-backed hacking group is back, targeting organizations in North America. Important distinction: ESET insists on tracking them separately from Salt Typhoon. Remember to prioritize TTPs and IOCs/IOAs accordingly!
🗄️ RedCurl's Ransomware Twist: This corporate espionage group is now deploying "QWCrypt" ransomware, targeting Hyper-V servers. Phishing emails with malicious IMG attachments are the initial attack vector.
😬 StreamElements Data Breach: A third-party service provider suffered a breach, exposing data of 210,000 customers.!
🏛️ NSW Court System Data Theft: Sensitive documents, including AVOs, were stolen from the NSW Online Registry website. This could have serious consequences for victims of domestic violence.
👨🎓 NYU Website Defacement: A hacker compromised NYU's website, leaking personal data of over 1 million students. Even with good intentions, the collateral damage is unacceptable.
💰 Defense Contractor Fined: MORSE Corp will pay millions for failing to meet federal cybersecurity requirements. Third-party risk management is crucial!
🤖 Atlantis AIO Automates Credential Stuffing: This new platform automates credential stuffing attacks against 140 online services. Stay vigilant against brute force attacks!
🚨 Chrome Zero-Day Exploited: Google patched a zero-day vulnerability exploited in espionage campaigns targeting Russian organizations. Keep your browsers updated!
👦 UK Warns of 'Com Networks': The UK's NCA is warning of a growing threat from online networks of teenage boys who are "dedicated to inflicting harm and committing a range of criminality." A very worrying trend that we need to be aware of.
Ready for the full scoop? Read the full blog post here 👉 https://opalsec.io/daily-news-update-thursday-march-27-2025-australia-melbourne/
#Cybersecurity #InfoSec #DataBreach #Ransomware #ThreatIntelligence #DataPrivacy #ZeroDay #FamousSparrow #RedCurl #StreamElements #NSWCourts #NYU #MORSECorp #AtlantisAIO #Chrome #ComNetworks #SecurityNews #CybersecurityThreats #InfoSecurity #CyberAttack #DataSecurity #PrivacyMatters #Vulnerability #Cybercrime #ThreatActor #ESET #SaltTyphoon #NIST #ZeroTrust #SaltTyphoon #CriticalInfrastructure
Audio Summary: Thursday, March 27, 2025 (Australia/Melbourne)0:00/292.1521× Chinese ‘FamousSparrow’ Hackers Resurface The Chinese government-backed hacking group FamousSparrow, thought to be dormant since 2022, has allegedly been targeting organisations in the U.S., Mexico, and Honduras. ESET researchers discovered suspicious activity on a U.S. trade