1.) AhnLab, a South Korean cybersecurity firm, has issued an alert about a ransomware campaign against Microsoft SQL Servers, which are being hit with Trigona ransomware payloads meant to encrypt files after stealing data. The attackers gain access through brute-force or dictionary attacks, which succeed against accounts with easy-to-guess credentials. Trigona was first spotted in October 2022 by MalwareHunterTeam, who analyzed it and concluded that the gang spreading the malware demands payment in Monero cryptocurrency from its victims in exchange for a decryption key.
2.) Real estate firm OrangeTee & Tie has been fined by Singapore’s Personal Data Protection Commission (PDPC) after the company failed to protect its user data, leading to a breach of information related to 25,000 customers and employees. The exposed data includes names, bank account numbers, property transaction details, and ID card details. ALTDOS, a hacking group from Southeast Asia, was behind the incident; the group demanded 10 BTC for the return of the information, along with an assurance that no stolen data would be published online thereafter. After learning the facts of the cyber incident, PDPC imposed a fine of $37,000 on the property firm for failing to take proactive security measures to prevent data from leaking from over 11 databases.
3.) Blind Eagle, a Spanish-speaking espionage actor, is linked to cyber attacks launched on the private and public sectors in Colombia, Spain, Chile, and Ecuador. Security firms Check Point and BlackBerry have discovered that the threat group uses spear-phishing campaigns to deliver commodity malware such as AsyncRAT and BitRAT. Also known as APT-C-36, the group is financially motivated and has been found launching indiscriminate attacks against citizens in South America since 2018.