By Ashwani Mishra, Editor-Technology, 63SATS
Hungary’s Defense Procurement Agency hacked by an international group, malware distributed through postal services in Switzerland, a massive data breach confirmed at DemandScience, Strela Stealer malware targets Europe in sophisticated campaigns, and Sitting Ducks DNS vulnerabilities put over 1 million domains at risk—it’s a critical time for global cyber security.
Hungary’s Defense Agency Breached: Hackers Leak Sensitive Data
Hungary’s defense procurement agency, VBÜ, confirmed a cyberattack by the INC Ransomware group, which allegedly accessed military procurement plans and other non-public documents.
Officials clarified that sensitive military data is not stored within VBÜ, but screenshots of classified information have surfaced on the dark web. The government attributes the attack to a foreign, non-state group, while investigations continue.
Swiss Cyber Agency Warns: Malware Delivered by Mail
Switzerland’s Federal Office for Cybersecurity (OFCS) warns of fake letters from MeteoSwiss being used to spread malware via QR codes.
Scanning these codes installs malicious apps like “Coper” and “Octo2,” targeting sensitive data from over 383 applications, including e-banking. The use of physical mail in malware distribution, though rare, adds a real-world element to cybercrime.
Sitting Ducks DNS Vulnerabilities Put 1M+ Domains at Risk
A report by Infoblox reveals that over 1 million domains are vulnerable to “Sitting Ducks” attacks, exploiting DNS misconfigurations like lame delegation.
With 70,000 domains already hijacked, these attacks enable malware distribution and phishing, posing significant challenges for detection by security systems.
Strela Stealer Malware Targets Europe in Sophisticated Campaigns
Hive0145, a financially-motivated group, is leveraging Strela Stealer malware to extract credentials from email services.
Phishing emails, often mimicking legitimate invoices, target victims in Spain, Germany, and Ukraine. The group increasingly uses stolen email accounts from diverse sectors, elevating the threat’s reach and sophistication.
Children’s Shoemaker Start-Rite Hit by Payment Data Breach
Summary: Start-Rite has notified customers of a security breach compromising payment card details, including CVVs, between October 14 and November 7.
This marks the second major incident for the company in under a decade. Customers are urged to cancel their cards, monitor transactions, and report unauthorized activity.
122M Records Stolen: DemandScience Confirms Data Breach
Summary: DemandScience US LLC has confirmed that a database containing information on 122 million individuals, first appearing on BreachForums in February, was stolen from their systems.
Initially denied, the breach has now been traced back to its earlier identity as Pure Incubation. The leaked data poses significant risks for targeted cyberattacks.