BleepingComputer reports that Indian cybersecurity company CloudSEK has disclosed being impacted by a cyberattack on its Confluence server, which it claims was conducted by another cybersecurity firm.
Attackers leveraged stolen employee Jira account credentials to facilitate the operation, which resulted in the compromise of certain internal information from CloudSEK's Confluence Wiki, although CloudSEK emphasized that none of its databases have been impacted by the incident.
Meanwhile, images with CloudSEK data have already been leaked by the threat actor dubbed "sedut," who claims to have access to the cybersecurity company's networks, codebase, email, JIRA, and social media accounts.
Sedut has been selling the alleged CloudSEK database for $10,000, while CloudSEK's codebase and employee/engineering product documents are being sold for $8,000 each.
"We suspect a notorious Cyber Security company that is into Dark web monitoring behind the attack. The attack and the indicators connect back to an attacker with a notorious history of using similar tactics we have observed in the past," said CloudSEK founder and CEO Rahul Sasi.
Ireland-based software firm ION Group had its cleared derivatives unit compromised in a LockBit ransomware attack, impacting financial derivative trading in global markets, reports The Record, a news site by cybersecurity firm Recorded Future.