Breaches

Cybersecurity Daily: August 30, 2023

greykeep · August 30, 2023 ·

GreyKeep Security Cybersecurity Daily News

Your daily dose of relevant cybersecurity advisories, industry news, and product updates for August 30, 2023.

Advisories

[Read more…]

Ransomware Campaign Targeting MOVEit Impacts 60 Million People

greykeep · August 28, 2023 ·

Background by Peter Gargiulo

As reported by security research firms Emsisoft and Resecurity, as many as 1,000 organizations and 60 million individuals have been affected by the recent ransomware campaign targeting a SQL injection vulnerability (CVE-2023-34362) in the MOVEit Transfer web application. An attacker can exploit the vulnerability to access file transfers without authentication.

[Read more…]

Cybersecurity Daily: August 24, 2023

greykeep · August 24, 2023 ·

Your daily dose of relevant cybersecurity advisories, industry news, and product updates for August 24, 2023.

For the latest news on malware and ransomware, check out our weekly Malware Roundup.

Advisories

[Read more…]

Cybersecurity Daily: August 17, 2023

greykeep · August 17, 2023 ·

Your daily dose of relevant cybersecurity advisories, industry news, and product updates for August 17, 2023.

Advisories

[Read more…]

Discord.io Temporarily Shuts Down Following Data Breach

greykeep · August 16, 2023 ·

Discord.io data breach — Photo by Alexander Shatov

The Discord.io custom invite service has temporarily shut down following a data breach that exposed information for 760K users. While not an official Discord site, the third-party service allowed visitors to search for Discord servers based on content and for server owners to create custom invites to their channels.

On August 13, a hacker known as ‘Akhirah’ began selling the Discord.io database on the Breached hacking forums. According to the hacker, the database contains information for 760,000 members, including usernames, Discord IDs, email addresses, and billing addresses among other details.

The breach is believed to have been caused by a vulnerability in the Discord.io website that provided access to the database. The site recommends that users who joined before 2018 update their password if shared with other websites.