The Nefilim ransomware operation has begun to publish unencrypted files stolen from a Dussmann Group subsidiary during a recent attack.

The Dussmann Group is the largest multi-service provider in Germany with subsidiaries focusing on facility management, corporate childcare, nursing and care for the elderly, and business systems solutions, including HVAC, electrical work, and elevators.

The company has confirmed to BleepingComputer that one of their subsidiaries, Dresdner Kühlanlagenbau GmbH (DKA), recently suffered a ransomware attack where data was stolen.

Nefilim publishes DKA’s stolen data

During the DKA attack, the Nefilim operators claim to have stolen unencrypted files before deploying the ransomware.

Promo.com, an Israeli-based marketing video creation site, has disclosed a data breach after a database containing 22 million user records was leaked for free on a hacker forum.

Promo is a web site that allows you to create promotional videos or ads that can then be shared on social networks such as Facebook, Instagram, Twitter, and LinkedIn.

In a report shared with BleepingComputer by cybersecurity intelligence firm CloudSEK, a well-known seller of data breaches posted a database containing 22.1 million user records on a hacker forum.

This data contains users email addresses, names, genders, geographic location, and for 2.6 million

Overdraft protection and cash advance service Dave has suffered a data breach after a database containing 7.5 million user records was sold in an auction and then released later for free on hacker forums.

Dave is a fintech company that allows users to link their bank accounts and receive cash advances for upcoming bills to avoid overdraft fees. Subscribers who need extra money to pay a bill can get a payday loan up to $100, but cannot receive another loan until it is repaid.

A threat actor released a database containing 7,516,691 users records for free on a hacker forum

07/25 Update added below. This post was originally published on July 22nd, 2020.

Hundreds of unsecured databases exposed on the public web are the target of an automated ‘meow’ attack that destroys data without any explanation.

The activity started recently by hitting Elasticsearch and MongoDB instances without leaving any explanation, or even a ransom note. Attacks then expanded to other database types and to file systems open on the web.

A quick search by BleepingComputer on the IoT search engine Shodan initially found dozens of databases that have been affected by this attack. Recently, the number of wiped databases increased

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) today published a warning confirming the active exploitation of the unauthenticated remote code execution (RCE) CVE-2020-5902 vulnerability affecting F5 Big-IP ADC devices.

CISA’s alert also provides additional mitigations and detection measures to help victims find out if their systems may have been compromised and recover after attacks that successfully exploited unpatched F5 devices.

Two orgs compromised after CVE-2020-5902 exploitation

According to F5’s security advisory, any remaining unpatched devices are probably already compromised during attacks that started just a few days after the company disclosed the security flaw.

“CISA has observed scanning and

The UK National Cyber Security Centre (NCSC) today highlighted the increasing risks posed by ransomware attacks, phishing campaigns, and Business Email Compromise (BEC) fraud schemes targeting sports organizations and teams, including Premier League football clubs.

According to the cybersecurity agency’s data primarily sourced from an Ipsos MORI survey commissioned by the agency, at least 70% of sports organizations experienced a breach or cyber incident during the last year, with 30% having recorded over 5 incidents during that period, “more than double the average for UK businesses.”

Out of these incidents, roughly 30% have also caused average financial damage of £10,000