from cm0002@literature.cafe to cybersecurity@infosec.pub on 08 Jan 10:14
https://literature.cafe/post/27663063
A major cybersecurity breach has exposed dozens of global companies through stolen cloud credentials obtained via Infostealer malware infections. A threat actor known as “Zestix” (alias “Sentap”) is selling access to approximately 50 global corporations’ cloud services including Sharefile, Owncloud, and Nextcloud[^1].
The compromised data includes sensitive materials across multiple sectors:
- Defense: TF-X Fighter Jet and UAV blueprints from INTECRO ROBOTICS
- Infrastructure: LA Metro engineering schematics and security data from CRRC MA
- Aviation: 77GB of Iberia Airlines’ A320/A321 aircraft maintenance data
- Healthcare: 2.3TB of Brazilian Military Police health records from Maida.health[^1]
Hudson Rock’s investigation identified additional victims including Pickett, Sekisui House, IFLUSAC, K3G Solutions, GreenBills, and CiberC[^2]. The research indicates thousands more companies have exposed credentials circulating for these cloud services.
[^1]: LinkedIn - Dozens of Global Companies Hacked via Cloud Credentials from Infostealer Infections & More at Risk [^2]: Infostealers.com - Dozens of Global Companies Hacked via Cloud Credentials from Infostealer Infections & More at Risk
threaded - newest