The Gridware Blog
Founded in Sydney, Australia, Gridware has grown to become a leader in cybersecurity and incident response services both locally and internationally. Gridware helps out-innovate hackers by driving and delivering real innovation in the cyber security industry. Our mission is to help people, governments and businesses around the world defend themselves against cybercrime and reduce their..
1M ago
MediaWorks, a major New Zealand media company, has fallen victim to a cyber breach that has exposed the personal data of over 2.4 million individuals.
The Breach
A hacker, operating under the pseudonym OneERA on a hacking forum, claims to have secured a vast amount of personal data from MediaWorks. This incident was unveiled through a forum post dated 14 March, where OneERA highlighted their intention to sell the acquired data.
Hacker's forum post advertising the sale of stolen data from MediaWorks breach.
Data Stolen:
Total Records Stolen: 2,461,180
Types of Data:
Names
Home ad ..read more
2M ago
The LockBit ransomware group’s servers were taken down by law enforcement on February 19, seen by many as a significant blow to the cybercrime group’s operations. But in less than a week, they were back, this time with stronger defences and threats aimed at government bodies.
The reality is, this comeback was to be expected – shutting down a hacker group’s website is one thing, but keeping them offline is another story altogether.
Inside LockBit
LockBit operates as a cybercrime group, specialising in ransomware attacks. They offer their ransomware on a ransomware-as-a-service (RaaS) basis, a ..read more
2M ago
Tangerine Telecom recently faced a significant cybersecurity incident, impacting 232,000 customers.
Incident Overview
The breach occurred when threat actors gained access to Tangerine Telecom’s legacy database (an outdated but still used system holding valuable data). Here’s how the breach unfolded step by step:
The threat actor targeted Tangerine Telecom’s legacy database, which still had lots of valuable customer info.
They obtained login credentials that were given to a contractor by Tangerine Telecom for legitimate access.
Using these credentials, the threat actor bypassed the security ..read more
2M ago
Chinese Government Leak
On 16th February 2024, an unknown user uploaded supposedly sensitive Chinese Government documents to the file repository website GitHub. The repository on GitHub is titled “I-S00N” and contains information relating to the offensive cyber security capabilities of APT41 (also known as Double Dragon, TG-2633 and Wicked Spider).
An X thread by the user @AzakaSekai_ summarises the tools and capabilities within the repository, mainly consisting of spyware developed by a Chinese government contractor named “iSOON or Anxun Information”. Some of these tools include:
An X (p ..read more
2M ago
Within days of its release, the Apple Vision Pro, a highly anticipated mixed reality headset, was found to have a significant security vulnerability.
Joseph Ravichandran, a Ph.D. student from the Massachusetts Institute of Technology (MIT), identified a kernel vulnerability in the device’s visionOS. This flaw, if exploited, could allow for jailbreaks and malware attacks that would put users at risk.
What Happened?
The software at the heart of the Vision Pro has a weak spot, known as a “kernel vulnerability.”
This weak spot can make the headset crash. Instead of showin ..read more
2M ago
Common Penetration Test Findings for 2024
Cybersecurity trends continue to evolve and keeping pace in 2024 means staying proactive. This year, we’ve collaborated with Khalid Ebrahimi, our Senior Penetration Tester at Gridware, to discuss the common penetration test findings for 2024.
A common misconception persists: that larger means safer in cybersecurity. This is a myth, and recent headlines disprove it. From the data breach of 10 million customers at Latitude Finance to the exposure of 9.7 million records at Medibank, even the biggest players can stumble. ..read more
2M ago
The Commission Nationale Informatique et Libertés (CNIL), France’s data protection authority, this week disclosed a cyber-attack on Viamedis and Almerys, two health insurance companies.
This incident, now referred to as the French Health Insurance Data Breach, affected over 33 million people, nearly half the country’s population.
The Data at Risk
The breach exposed a range of personal data, including:
Marital status
Dates of birth
Social security numbers
Specific details related to individuals’ insurance policies
This exposed information puts peo ..read more
2M ago
Recent headlines claimed that 3 million electric toothbrushes were hacked to conduct a Distributed Denial of Service (DDoS) attack, sparking widespread attention. Yet, this story, interesting as it may seem, is not supported by facts.
Debunked:
The report originated from a Swiss news outlet, suggesting these toothbrushes had been compromised with malware. However, no evidence supports this claim. The cybersecurity firm that was cited as the story’s source has not verified the incident. This narrative likely emerged from a hypothetical scenario rather than an actual event. ..read more
2M ago
The systems we rely on every day, from our water supply to the internet itself, are increasingly under threat from cyber attacks. Hackers target Critical Infrastructure sectors not just to cause trouble but to gain big – financially, politically, or even just to prove they can.
The Target List
Key sectors at risk include energy, healthcare, communication, food supply, finance, transportation, defense, and water management. These areas are essential for our daily lives and, if attacked, can impact everything from our safety to our economy.
Why Hackers are Interested ..read more
2M ago
A finance employee at a Hong Kong-based multinational company was recently tricked into transferring $25 million by scammers using a deepfake video of the CFO.
What Happened
Scammers chose a big company with offices worldwide, knowing it had the money to target.
They sent the finance worker an invitation for a video meeting.
Threat actors used deepfake technology to make it look and sound like the CFO and other team members were on the call.
The fake CFO talked about needing to send money fast for a company emergency.
Believing the call was real ..read more