Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

1 GB of data belonging to Puma available on Marketo

The name of the sportswear manufacturer Puma appeared on the dark web marketplace of stolen data Marketo, threat actors claim to have stolen 1 GB of data from the company. The emerging underground marketplace of stolen data ‘Marketo’ available in TOR network announced the publication of data presumably stolen from sportswear manufacturer Puma.  The ad […]

Marketo Puma

The name of the sportswear manufacturer Puma appeared on the dark web marketplace of stolen data Marketo, threat actors claim to have stolen 1 GB of data from the company.

The emerging underground marketplace of stolen data ‘Marketo’ available in TOR network announced the publication of data presumably stolen from sportswear manufacturer Puma. 

Marketo Puma

The ad on Marketo claims to have about 1GB of data stolen from the company that are now auctioned to the highest bidder. 

Cybercriminals behind ‘Marketo’ claim to be operators of an organized ‘marketplace of stolen data’ and not as a typical ransomware group distributing malicious code to disrupt IT operations by blocking the network of the victim and by encrypting available files on various data storage. 

One of the unique features provided by ‘Marketo’ – the ability to ‘bid’ on stolen data, which obviously creates competition between parties interested in data acquisition including the end victim.

At the time of this writing, 157 threat actors have made their bid to buy the sensitive data.

Some of the files stolen form Puma were published on Marketo, most of them contains source codes of internal management applications potentially linked to the company’s Product Management Portal. 

This data could be used by threat actors to orchestrate a more sophisticated attack against the company.

Experts that have analyzed the code have found evidence that the files of the organizations might have been stolen as result of a data breach of a third-party software provider.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, FIN8)

[adrotate banner=”5″]

[adrotate banner=”13″]