Topic: attack timeline
-
Salesforce Reveals Gainsight Breach Details and Investigation Steps
Salesforce disclosed a security incident involving Gainsight applications, with unauthorized access likely starting on November 8 and suspicious activity detected from mid-November using IPs from VPNs, Tor, and AWS. Indicators of compromise include specific IP addresses and a suspicious User Agen...
-
Insight Partners Confirms Ransomware Data Breach
Insight Partners suffered a ransomware attack that compromised sensitive personal and financial information, affecting over 12,000 individuals. The breach began in October 2024, went undetected for months, and involved advanced social engineering tactics for initial network access. Despite invest...
-
SonicWall VPN Breach: Hackers Exploit Stolen Credentials
Attackers breached over 100 SonicWall SSLVPN accounts using stolen credentials, with malicious activity detected from October 4th to at least October 10th by Huntress. The intrusions utilized previously compromised valid credentials, not brute-force methods, and involved network reconnaissance an...
-
WinRAR Path Flaw Still Actively Exploited by Hackers
A critical path traversal vulnerability (CVE-2025-8088) in WinRAR allows attackers to hide malicious files in archives and place them in sensitive Windows system locations, enabling automatic execution upon login. State-sponsored hacking groups, including RomCom and Turla, have exploited this fla...
-
LKQ Confirms Data Breach in Oracle EBS System
LKQ, a major automotive parts distributor, suffered a data breach compromising the personal data, including Social Security numbers, of over 9,070 individuals. The breach, linked to the Clop ransomware group, occurred in August, was discovered in October, and led to the Oracle EBS system being ta...