Yanluowang Ransomware Group Breached Cisco by Hijacking Employee's Google Account
Krebs wants to see new U.S. digital agency, RenBridge used to launder $540 million in cybercrime proceeds, FTC is probing BitMart hack, Automotive supplier breached by three different gangs, more
Check out my latest CSO Column that describes how a Venezuelan disinformation campaign swayed voters in Colombia.
Tech giant Cisco confirmed that the Yanluowang ransomware group breached its corporate network in late May. The attackers hijacked an employee's personal Google account, which contained credentials synced from the employee's browser, and used those stolen credentials to get in.
The company said that the attackers could only harvest and steal non-sensitive data from a Box folder linked to the compromised employee's account. It said it did not identify any impact on its business due to this incident, but the bad actors published a list of files from this security incident to the dark web after they tried to extort Cisco under the threat of leaking stolen files online.
Cisco said that even though the Yanluowang gang is known for encrypting its victims' files, it found no evidence of ransomware payloads during the attack. (Sergiu Gatlan / Bleeping Computer)
Related: Security Affairs, Talos Intelligence, Rest…