COMPANY BLOG | POSTED Aug 26, 2023

Threat Intelligence Report - August 26, 2023.

The NetFire Threat Intelligence Report contains a weekly collection of key developments to be aware of along with action tips from NetFire.


NetFire Threat Intelligence Team


Veeam Weaponized Against Critical U.S. Infrastructure

 

The Cuba ransomware gang, a group that cyber-intelligence reports indicate may be Russian, has been targeting critical infrastructure organizations in the U.S. and IT firms in Latin America. The gang is using CVE-2023-27532, a recently discovered vulnerability affecting Veeam Backup & Replication products, to steal credentials. BlackBerry's Threat Research team emphasizes the importance of promptly installing Veeam security updates, as the gang also employs a range of other techniques and vulnerabilities, including older ones like "Zerologon," to compromise systems and disable security measures. Of potential concern, and contrary to most trends in ransomware, Cuba ransomware remains an active threat heading into its fourth year.

 

Read more: https://netfire.link/veeam-weaponized-against-critical-us-infrastructure



 

 

Majority Customer Data Loss after Danish Hosting Firms Attacked

 

Danish hosting firms CloudNordic and AzeroCloud have been hit by a ransomware attack that resulted in the loss of the majority of their customer data, forcing them to shut down all systems including websites, email, and customer sites. The attack was particularly devastating as it encrypted all server disks, including primary and secondary backups, during a data center migration, leaving the data seemingly irrecoverable and affecting "several hundred Danish companies."

 

Read more: https://netfire.link/majority-customer-data-loss-after-danish-hosting-firms-attacked


 

 

 

NSF Telescopes Attacked; Motive Unclear

 

Cyber attackers have targeted National Science Foundation (NSF) telescopes, including the prominent NOIRLab, disrupting their operations and disconnecting telescopes in Hawaii and Chile. The attacks have halted key astronomical research, impacting various international projects, doctoral theses, and research endeavors due to missed observation windows, and cybersecurity experts remain puzzled over the motivations behind the attack.

 

Read more: https://netfire.link/nsf-telescopes-attacked-motive-unclear



 

 

FTX and BlockFi Impacted by Kroll Data Breach

 

Kroll, a third-party agent overseeing creditor claims for bankrupt companies, suffered a data breach compromising user data from cryptocurrency exchange FTX and lending platform BlockFi. While FTX and BlockFi assert that sensitive account information and passwords remain secure, both firms have alerted users about potential phishing attempts and fraudulent communications related to the breach.

 

Read more: https://netfire.link/ftx-blockfi-impacted-by-kroll-data-breach



 

 

GPS Locations of Major Art Collectors Leaked in Christie’s Data Breach

 

A data breach at the renowned auction house Christie's exposed the precise GPS coordinates of artwork owned by its clients, potentially revealing the exact location of pieces within a few feet. German cybersecurity researchers discovered this significant vulnerability, indicating that approximately 10% of the uploaded images contained these accurate coordinates, posing a massive security risk to the world's wealthiest art collectors.

 

Read more: https://netfire.link/gps-locations-of-major-art-collectors-leaked-in-christies-data-breach



 

 
