top of page
Untitled design.png

Weekly INK

Each week we compile an advisory on the latest threats, trends and newsworthy topics from the cyber security industry affecting small and medium enterprises. Join our subscribers below and help us prevent cybersecurity breaches.

watermark4.png

Issue #81 - January 22, 2024

LoanDepot Ransomware Attack: 16.6 Million Customers Affected

Source: Data Breach Today

Non-bank mortgage lending giant LoanDepot said hackers stole information pertaining to nearly 17 million customers when they breached its systems earlier this month.




HPE Says Russian Government Hackers Had Access to Emails for 6 Months

Source: Security Week

The company said it was notified on December 12 that a threat group identified as Midnight Blizzard and Cozy Bear had hacked into its cloud-based email environment. 


HPE said it kicked out the attackers, but its investigation revealed that the threat actor gained access to its systems and started exfiltrating data in May 2023. The hackers targeted “a small percentage of HPE mailboxes” used by staff in cybersecurity, go-to-market, business segments, and other departments.




Ransomware on Tap as Major Water Providers Fall Victim

Source: Data Breach Today

Two major water supply systems in the United States and United Kingdom report that they recently fell victim to ransomware attacks. In both cases, attackers appear to have stolen employee or customer data that they're now holding to ransom. Neither organization has reported experiencing long-term outages as a result of files or folders being forcibly encrypted or being told to pay any ransom.




Medical Lab Database Exposed 1.3M Records, COVID Test Info

Source: Info Risk Today

An unsecured database appearing to belong to a Netherlands-based medical laboratory exposed 1.3 million records on the internet, including COVID test results and other personal identifiable information, said a security researcher who discovered the trove.




CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits

Source: The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday issued an emergency directive urging Federal Civilian Executive Branch (FCEB) agencies to implement mitigations against two actively exploited zero-day flaws in Ivanti Connect Secure (ICS) and Ivanti Policy Secure (IPS) products.



103 views

Comments


Help us Prevent Breaches.

We will never share or sell your information. Unsubscribe at any time.

Email: *

Received.

bottom of page