CyberAlerts

Description: In September 2024, French electronics retailer Boulanger suffered a data breach that exposed over 27M rows of data. The data included 967k unique email addresses along with names, physical addresses, phone numbers and latitude and longitude. The data was later publicly published to a popular hacking forum.

Source: HaveIBeenPwnedLatestBreaches

April 8th, 2025 (10 days ago)

Hackers lurked in Treasury OCC’s systems since June 2023 breach

Description: Unknown attackers who breached the Treasury's Office of the Comptroller of the Currency (OCC) in June 2023 gained access to over 150,000 emails. [...]

Source: BleepingComputer

April 8th, 2025 (10 days ago)

QSC Employee Database Allegedly Leaked on Breach Forums

Description: QSC Employee Database Allegedly Leaked on Breach Forums

Source: DarkWebInformer

April 8th, 2025 (10 days ago)

How To Implement Just-In-Time Access: Best Practices and Lessons Learned

Description: With the just-In-time (JIT) access control method, privileges are granted temporarily on an as-needed basis. This reduces static entitlements, lowering the risk of compromised accounts and preventing privilege creep. In this blog, we’ll share how we implemented JIT access internally at Tenable using Tenable Cloud Security, and offer recommendations we hope you’ll find useful.Just-in-time access (JIT) is a valuable security practice that allows organizations to limit the time and the scope of users’ access to resources, such as applications and systems. However, implementing JIT access successfully is challenging, as it requires careful planning and ample communication between the security team and all other departments. At Tenable, we went through this process. Here, we share the lessons we learned and the best practices we adopted, as well as explain how you can leverage Tenable Cloud Security when implementing JIT access.Benefits of JIT accessThe most notable benefit of just-in-time (JIT) provisioning is its ability to restrict access duration. By granting permissions only upon request, JIT can reduce identity and entitlement risks by 75% or more in most scenarios. For example, a user who requests permissions for a 40-hour work week will not have access during the remaining 128 hours, thereby significantly minimizing the user’s identity-breach risks.Another significant risk reduction made possible by JIT is the prevention of privilege creep. Over time, users tend to accu...

Source: Tenable Blog

April 8th, 2025 (11 days ago)

EncryptHub's dual life: Cybercriminal vs Windows bug-bounty researcher

Description: EncryptHub, a notorious threat actor linked to breaches at 618 organizations, is believed to have reported two Windows zero-day vulnerabilities to Microsoft, revealing a conflicted figure straddling the line between cybercrime and security research. [...]

Source: BleepingComputer

April 7th, 2025 (11 days ago)

🏴‍☠️ Hellcat has just published a new victim : CVTE

Description: We have breached the internal systems of Guangzhou Shiyuan Electronic Technology, securing sensitive files that, if exposed, would cause serious disruption across operations and partnerships.

Source: Ransomware.live

April 7th, 2025 (11 days ago)

🏴‍☠️ Hellcat has just published a new victim : P**o***

Description: We have breached a U.S.-based financial services firm. 381GB of sensitive data has been secured. The name will be made public in a few hours. This is a warning.

Source: Ransomware.live

April 7th, 2025 (11 days ago)

Food giant WK Kellogg discloses data breach linked to Clop ransomware

Description: US food giant WK Kellogg Co is warning employees and vendors that company data was stolen during the 2024 Cleo data theft attacks. [...]

Source: BleepingComputer

April 7th, 2025 (11 days ago)

Alleged Grubhub Data Breach Exposes 70 Million User Records

Description: Alleged Grubhub Data Breach Exposes 70 Million User Records

Source: DarkWebInformer

April 7th, 2025 (11 days ago)

Five Steps to Move to Exposure Management

Description: Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, we explore the five steps to take on your journey to exposure management. You can read the entire Exposure Management Academy series here.Chances are, you’re buried in vulnerabilities and other cyber risks and there’s simply no way to address them all. But they keep on coming. You could work day and night and never hope to close them all. Of course, hope is not a strategy — especially with breaches like those that impacted SolarWinds and Colonial Pipeline, which cost millions to mitigate. And even after those companies cleaned up their issues, the damage was done — to their brands, to customer loyalty and to stakeholder confidence. So, faced with building threats, what can you do? In the cyber world, the key to getting ahead of your exposures is focus. That doesn’t mean trying to boil the ocean of threats you face. In fact, it might mean doing less. Pour that ocean into a paper cup. Economist Michael E. Porter wrote in a seminal Harvard Business Review article: "The essence of strategy is choosing what not to do." The upshot here: How can you be strategic if you have to do everything? Or, as the great philosopher Bob Seger once sang in “Against The Wind”: Deadlines and commitmentsWhat to leave in, what to leave outSo, what should you leave in and what should you leave out? Let’s think about it...

Source: Tenable Blog

April 7th, 2025 (12 days ago)

Threat and Vulnerability Intelligence Database

Example Searches:

	Boulanger - 966,924 breached accounts Description: In September 2024, French electronics retailer Boulanger suffered a data breach that exposed over 27M rows of data. The data included 967k unique email addresses along with names, physical addresses, phone numbers and latitude and longitude. The data was later publicly published to a popular hacking forum. Source: HaveIBeenPwnedLatestBreaches April 8th, 2025 (10 days ago)
	Hackers lurked in Treasury OCC’s systems since June 2023 breach Description: Unknown attackers who breached the Treasury's Office of the Comptroller of the Currency (OCC) in June 2023 gained access to over 150,000 emails. [...] Source: BleepingComputer April 8th, 2025 (10 days ago)
	QSC Employee Database Allegedly Leaked on Breach Forums Description: QSC Employee Database Allegedly Leaked on Breach Forums Source: DarkWebInformer April 8th, 2025 (10 days ago)
	How To Implement Just-In-Time Access: Best Practices and Lessons Learned Description: With the just-In-time (JIT) access control method, privileges are granted temporarily on an as-needed basis. This reduces static entitlements, lowering the risk of compromised accounts and preventing privilege creep. In this blog, we’ll share how we implemented JIT access internally at Tenable using Tenable Cloud Security, and offer recommendations we hope you’ll find useful.Just-in-time access (JIT) is a valuable security practice that allows organizations to limit the time and the scope of users’ access to resources, such as applications and systems. However, implementing JIT access successfully is challenging, as it requires careful planning and ample communication between the security team and all other departments. At Tenable, we went through this process. Here, we share the lessons we learned and the best practices we adopted, as well as explain how you can leverage Tenable Cloud Security when implementing JIT access.Benefits of JIT accessThe most notable benefit of just-in-time (JIT) provisioning is its ability to restrict access duration. By granting permissions only upon request, JIT can reduce identity and entitlement risks by 75% or more in most scenarios. For example, a user who requests permissions for a 40-hour work week will not have access during the remaining 128 hours, thereby significantly minimizing the user’s identity-breach risks.Another significant risk reduction made possible by JIT is the prevention of privilege creep. Over time, users tend to accu... Source: Tenable Blog April 8th, 2025 (11 days ago)
	EncryptHub's dual life: Cybercriminal vs Windows bug-bounty researcher Description: EncryptHub, a notorious threat actor linked to breaches at 618 organizations, is believed to have reported two Windows zero-day vulnerabilities to Microsoft, revealing a conflicted figure straddling the line between cybercrime and security research. [...] Source: BleepingComputer April 7th, 2025 (11 days ago)
	🏴‍☠️ Hellcat has just published a new victim : CVTE Description: We have breached the internal systems of Guangzhou Shiyuan Electronic Technology, securing sensitive files that, if exposed, would cause serious disruption across operations and partnerships. Source: Ransomware.live April 7th, 2025 (11 days ago)
	🏴‍☠️ Hellcat has just published a new victim : Po* Description: We have breached a U.S.-based financial services firm. 381GB of sensitive data has been secured. The name will be made public in a few hours. This is a warning. Source: Ransomware.live April 7th, 2025 (11 days ago)
	Food giant WK Kellogg discloses data breach linked to Clop ransomware Description: US food giant WK Kellogg Co is warning employees and vendors that company data was stolen during the 2024 Cleo data theft attacks. [...] Source: BleepingComputer April 7th, 2025 (11 days ago)
	Alleged Grubhub Data Breach Exposes 70 Million User Records Description: Alleged Grubhub Data Breach Exposes 70 Million User Records Source: DarkWebInformer April 7th, 2025 (11 days ago)
	Five Steps to Move to Exposure Management Description: Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, we explore the five steps to take on your journey to exposure management. You can read the entire Exposure Management Academy series here.Chances are, you’re buried in vulnerabilities and other cyber risks and there’s simply no way to address them all. But they keep on coming. You could work day and night and never hope to close them all. Of course, hope is not a strategy — especially with breaches like those that impacted SolarWinds and Colonial Pipeline, which cost millions to mitigate. And even after those companies cleaned up their issues, the damage was done — to their brands, to customer loyalty and to stakeholder confidence. So, faced with building threats, what can you do? In the cyber world, the key to getting ahead of your exposures is focus. That doesn’t mean trying to boil the ocean of threats you face. In fact, it might mean doing less. Pour that ocean into a paper cup. Economist Michael E. Porter wrote in a seminal Harvard Business Review article: "The essence of strategy is choosing what not to do." The upshot here: How can you be strategic if you have to do everything? Or, as the great philosopher Bob Seger once sang in “Against The Wind”: Deadlines and commitmentsWhat to leave in, what to leave outSo, what should you leave in and what should you leave out? Let’s think about it... Source: Tenable Blog April 7th, 2025 (12 days ago)