
Cisco confirms leaked data was stolen in Yanluowang ransomware hit

September 17, 2022

Cisco has confirmed that internal data leaked late last week by the China-based Yanluowang ransomware operation was stolen during a cyber attack earlier in 2022, but has insisted the leak poses no risk to its business, supply chain operations or customers.

The attack took place in May, but Cisco initially disclosed it on 10 August 2022 after its name appeared for the first time on Yanluowang’s dark web leak site.

At the time, it said, the attacker was likely an initial access broker (IAB) with links to a threat actor tracked as UNC2447, the Yanluowang crew, and the Lapsus$ group that attacked multiple tech firms at the start of the year.

They likely gained access after successfully phishing a Cisco employee who had stored their credentials in their personal Google account.

Ultimately, the attacker exfiltrated the contents of a Box folder associated with the compromised employee’s account, and employee authentication data from Active Directory.

In an update delivered on 11 September, Cisco’s threat intelligence unit Talos said: “On September 11, 2022, the bad actors who previously published a list of file names from this security incident to the dark web, posted the actual contents of the same files to the same location on the dark web. The content of these files match what we already identified and disclosed.”

They continued: “Our previous analysis of this incident remains unchanged – we continue to see no impact to our business, including Cisco products or services, sensitive customer data or sensitive employee information, intellectual property, or supply chain operations.”


According to Bleeping Computer, however, the Yanluowang gang claims it has stolen 55GB of data including classified documents, technical information, and – critically – source code, although this is unconfirmed.

Chris Hauk, consumer privacy champion at Pixel Privacy, commented: “While this is definitely a case of ‘We said, they said’, when it comes to this data breach, Cisco customers and employees should treat this breach as if the bad actors do have access to all of the data they claim to have stolen.

“That means they should be alert for phishing schemes using the possibly purloined data, while also policing their login information, making sure they have not reused their passwords anywhere.”

A comparative rarity on the cyber criminal scene given the dominance of Russian-speaking ransomware gangs, Yanluowang was first identified in late 2021 by Symantec’s Threat Hunter team; however, it seems to have been operational since at least August 2021.

It appears to be chiefly interested in organisations operating in the financial sector, but it has also targeted those specialising in consultancy, engineering, IT services and manufacturing.

According to Symantec, it uses a number of tactics, techniques and procedures (TTPs) that are associated with the Thieflock ransomware-as-a-service (RaaS) operation, possibly suggesting the presence or influence of an affiliate.

In April 2022, researchers at Kaspersky were able to crack the ransomware’s encryption after finding a flaw in its RSA-1024 asymmetric encryption algorithm, and subsequently made a free decryptor available for victims.
