Search This Blog

Popular Posts

Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label World Leaks. Show all posts
World Leaks
Customer Solution Centers Data Breach Dell Technologies User Security World Leaks

World Leaks Outfit Linked to Dell Test Lab Intrusion

 

Dell Technologies has acknowledged a serious security compromise affecting its Customer Solution Centers platform, the latest high-profile intrusion by the World Leaks extortion outfit. 

The breach occurred earlier this month and targeted Dell's isolated demonstration environment, which is designed to showcase commercial solutions to enterprise customers, however the company claims that critical user data and operating systems are still secure. 

The attack targeted Dell's Customer Solution Centres infrastructure, which is a controlled environment used for product presentations and proof-of-concept testing for commercial users. Threat actors were able to successfully breach this platform, which follows stringent network segmentation guidelines to keep it isolated from production systems, according to Dell's official statement. 

The platform "is intentionally separated from customer and partner systems, as well as Dell's networks and is not used in the provision of services to Dell customers," according to Dell, which underlined the purposeful isolation of the compromised environment. Multiple isolation levels and clear warnings that forbid users from uploading private or sensitive data to the demonstration environment are features of the company's security architecture. 

The breach investigation discovered that the stolen data mostly consisted of fake test information, publicly available datasets used for demonstrations, Dell scripts, system data, and testing results. The only authentic data exposed appears to be an out-of-date contact list with little operational value, severely limiting the possible impact on Dell's company operations and customer relationships. 

Security review 

Report claims that Dell's thorough security response shows how well their multi-layered defence architecture can limit the potential harm caused by advanced cyberattacks. While ensuring that partner systems, production networks, and customer data repositories are unaffected by the incident, the company's security team is still looking into the breach vectors. 

The breach's limited scope shows Dell's strong data management processes and network segmentation strategies, which effectively prevented lateral movement into vital company systems. Dell's emphasis on using synthetic data for demonstration reasons was critical in limiting the breach's potential damage, as attackers accessed created information rather than sensitive consumer or company data.

This incident shows the expanding landscape of cyber threats, as attackers increasingly target demonstration and testing environments as potential entry points into larger corporate networks, making robust security architecture vital for organisational protection.
Read more »
World Leaks
Armenia Cyber Security Hunters International RaaS Group Threat Intelligence World Leaks

'Hunters International' RaaS Outfit Shuts Down Its Operation

 

Hunters International, a ransomware-as-a-Service (RaaS) outfit, shut down operations and will provide free decryptors to victims seeking to restore their data without paying a ransom. 

"After careful consideration and in light of recent developments, we have decided to close the Hunters International project. This decision was not made lightly, and we recognize the impact it has on the organizations we have interacted with," the ransomware outfit notes in a statement published on its dark web.

"As a gesture of goodwill and to assist those affected by our previous activities, we are offering free decryption software to all companies that have been impacted by our ransomware. Our goal is to ensure that you can recover your encrypted data without the burden of paying ransoms.”

The attackers also erased all entries from the extortion platform and stated that firms whose systems were encrypted in Hunters International ransomware assaults can access decryption tools and recovery guidance from the gang's official website. 

While the ransomware group does not specify what "recent developments" it alludes to, the latest development follows a November 17 statement stating that Hunters International will soon cease operations due to growing law enforcement scrutiny and diminishing profitability. 

In April, threat intelligence firm Group-IB also disclosed that Hunters International had started a new extortion-only operation dubbed "World Leaks" and was rebranding with plans to zero in on data theft and extortion-only attacks. 

Group-IB stated at the time that "World Leaks operates as an extortion-only group using a custom-built exfiltration tool, in contrast to Hunters International, which combined encryption with extortion." The new tool seems to be an improved version of the Storage Software exfiltration tool that Hunters International's ransomware affiliates used. 

Due to code similarities, security researchers and ransomware specialists identified Hunters International, which surfaced in late 2023, as a potential rebranding of Hive. The malware from the ransomware group supports x64, x86, and ARM architectures and targets a variety of platforms, including Windows, Linux, FreeBSD, SunOS, and ESXi (VMware servers). 

Hunters International has attacked businesses of all sizes over the last two years, demanding ransoms ranging from hundreds of thousands to millions of dollars, depending on the size of the compromised organisation. The ransomware group has claimed credit for around 300 attacks worldwide, making it one of the most active ransomware campaigns in recent years. 

The ransomware outfit has claimed several notable victims, including the United States Marshals Service, the Japanese optical firm Hoya, Tata Technologies, the North American car dealership AutoCanada, the United States Navy contractor Austal USA, and Integris Health, Oklahoma's largest non-profit healthcare network.
Read more »
Subscribe to: Posts (Atom)