1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Cisco investigates breach after data put up for sale on BreachFor

    From TechnologyDaily@1337:1/100 to All on Tue Oct 15 15:15:05 2024
    Cisco investigates breach after data put up for sale on BreachForums

    Date:
    Tue, 15 Oct 2024 14:00:00 +0000

    Description:
    IntelBroker and friends are selling yet another archive and Cisco is taking notice.

    FULL STORY ======================================================================

    A known data leaker claims to have broken into Cisco and stolen sensitive
    data from the company. As a result, the networking technology giant is now investigating the matter.

    Earlier this week, a threat actor with the alias IntelBroker posted a new thread on the infamous BreachForums, offering Cisco data for sale: Today, I
    am selling the Cisco breach that recently happened (6/10/2024). Breached by IntelBroker, EnergyWeaponUser, and zjj, the ad states.

    As per the thread, the archive includes Github projects, Gitlab projects, SonarQube projects, source code, hardcoded credentials, certificates,
    customer SRCs, confidential documents, Jira tickets, API tokens, AWS private buckets, Cisco Technology SRCs, Docker builds, Azure Storage buckets, private & public keys, SSL certificates, and more. IntelBroker

    IntelBroker also shared a small sample as proof of their claims, but did not elaborate on how the breach was done.

    When asked for a comment, Cisco told BleepingComputer that it was looking
    into it, stating, "Cisco is aware of reports that an actor is alleging to
    have gained access to certain Cisco-related files," a company spokesperson told the publication. "We have launched an investigation to assess this
    claim, and our investigation is ongoing."

    IntelBroker is a known leaker with a solid track record, so the breach could very well be legitimate. So far, the same hacker posted data belonging to T-Mobile , Home Depot , General Electric, and many others. Together with EnergyWeaponUser, the threat actor also allegedly breached AMD back in August this year.

    However, they also had a few misses, such as the Europol breach that happened in early May this year. While advertised as a big deal, Europol played down its importance, saying that no operational data was obtained. The agency was still breached, though.

    As is always the case with data breaches, this has left the affected parties at risk of identity theft, phishing attacks, and financial loss. Anyone concerned should stay vigilant and look into the best identity theft protection on offer.

    Via BleepingComputer More from TechRadar Pro Healthcare organizations are being hit hard by cyberattacks Here's a list of the best firewalls today
    These are the best endpoint protection tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/cisco-investigates-breach-after-data-pu t-up-for-sale-on-breachforums


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)