DDW Weekly Highlights in March W3
2024.03.28
☑️ S2W DDW Weekly Highlights in March W3
⚠️Major Japanese mobile carrier: 14.6 million user data at risk
• On March 18th, a post selling 14.62 million user data records from Japanese telecom company N** ****** was posted on 'BreachForums'.
• The data sample publicly disclosed by hacker 'oubao718' includes sensitive personal information of N** users, such as names, addresses, and phone numbers (selling price $5,000).
• The affected company is also known to have suffered ransomware damage from cyberattacks by the threat-actor group 'ransomed.vc' in September of last year.
⚠️US online payment service (P*****): Internal access rights leaked, sensitive user data compromised
• On March 20th, suspicious activity capturing access rights and sensitive internal data sales related to the internal portal of the US online payment service P***** was detected on 'XSS'.
• The access being sold is linked to a site set up by US law enforcement agencies to investigate P*****'s payment services, potentially enabling the theft and misuse of sensitive information such as user personal data, transaction details, and other financial data.
• Threat-actor 'pwnipotent' is selling access rights on a first-come, first-served basis for $5,000, and has publicly released a sample of the actual portal login screen.
⚠️State Bank of Vietnam: Internal employee OWA authorization sale on multiple dark web sites
• On March 21st, postings selling access to State Bank of Vietnam (SBA) employees' Outlook Web Access (OWA) credentials were found on various sites, including dark web Russian hacking forums like 'Exploit', 'RAMP', and 'XSS’.
• The seller, 'SpicyPepperoni', an Initial Access Broker (IAB), is offering internal employee access for $200, though specific leaked contents haven't been disclosed.
News Highlights
DDW Weekly Highlights in March W2
2024.03.22
Previous
News Highlights
DDW Weekly Highlights in March W4
2024.04.04
Next