Dux Human Health Breach, U.S. Credit Card Sale, Boulanger Database Leak, and Mo

Section	Details
Threat Actors	Various threat actors, including hackers, Anonymous Guys, and exploiters of CVE-2024-45387
Campaign Overview	Multiple cyber incidents: breach of Dux Human Health, sale of 20K U.S. credit card records, Boulanger database leak, and DDoS attacks on Ukrainian telecoms.
Target Regions (Victims)	Dux Human Health customers, U.S. credit card holders, Boulanger users in France, Ukrainian telecoms and government websites.
Methodology	Data breaches, credit card record sales, DDoS attacks, SQL injection exploit (CVE-2024-45387).
Product Targeted	Dux Human Health database, U.S. credit cards, Boulanger e-commerce platform database, Ukrainian telecoms and government websites.
Malware Reference	CVE-2024-45387 (SQL injection exploit), DDoS attacks
Tools Used	SQL injection, Python-based POC exploit, DDoS attack tools
Vulnerabilities Exploited	SQL injection (CVE-2024-45387), unsecured databases
TTPs	• Data scraping and sales on the Dark Web. • DDoS attack methods for disrupting services. • Exploit development and sharing (CVE-2024-45387).
Attribution	Anonymous Guys (DDoS), unknown hacker groups (data breaches, exploit sales)
Recommendations	• Monitor Dark Web activities. • Implement stronger database security and patching practices. • Enhance DDoS protection for critical infrastructure.
Source	SOCRadar

Read full article:https://socradar.io/dux-human-health-breach-u-s-credit-card-sale-boulanger-database-leak-and-more/

The above summary has been generated by an AI language model