DDW Weekly Highlights in September W4
2024.10.02
☑️ S2W DDW Weekly Highlights in September W4
🔍 U.S. Department of
Defense Leak: North Korea ICBM Documents for
Sale
• Confidential
documents related to North Korea, leaked from the U.S. Department of Defense,
are being sold on the dark web forum BreachForums.
• On
September 24, a threat actor, "nexwl," listed classified U.S.
documents concerning North Korea’s ICBMs (Intercontinental Ballistic Missiles)
for sale.
• A
sample was shared via a link, showing a screenshot of the first page. The full
document is estimated to be eight pages long, with the first page displaying
the title, creation date (May), document code, and confidentiality statement.
🔍 South Korean Tire Manufacturer K
Hit
by
Lockbit Ransomware
• A
major South Korean tire manufacturer, K, has likely been targeted by a
ransomware attack, leading to a data leak.
• On
September 25, the LockBit
ransomware group posted details of the breach, listing stolen data including
financial records, payroll, emails, and IT information.
• Screenshots
of some leaked data, appearing to be internal company documents, were also
shared.
• On
September 3, a post on the Russian dark web forum XSS had been seeking to
purchase access to K’s internal network.
🔍 Chinese
Airport & Flight Data for Sale; Source Likely Exposed
• Chinese
flight ticket information is being sold on BreachForums.
• On September 26, a threat actor, "samkk," offered data including names, IDs, contact details, and airports used by Chinese travelers (departure and arrival).
• The
seller claimed the data is real-time, indicating the source may still be
compromised.
If you want to read more, follow the newsletter as below and visit S2W Inc. website to contact us.
Attachments
Threat Intelligence Reports
Handala Group Claims Responsibility for Israeli Supply Chain Attack on Hezbollah Walkie-Talkies
2024.09.27
Previous
News Highlights
DDW Weekly Highlights in October W1
2024.10.10
Next