Major US Banks Impacted by SitusAMC Hack

SecurityWeek

Overview

The SitusAMC hack has resulted in the theft of sensitive corporate data, including accounting records and legal agreements, impacting major US banks. While the attack did not involve file-encrypting ransomware, the breach raises significant concerns about data security and the potential for misuse of the stolen information.

Key Takeaways

  • Affected Systems: Corporate data such as accounting records and legal agreements from major US banks.
  • Timeline: Newly disclosed

Original Article Summary

Hackers stole corporate data such as accounting records and legal agreements, but did not deploy file-encrypting ransomware. The post Major US Banks Impacted by SitusAMC Hack appeared first on SecurityWeek.

Impact

Corporate data such as accounting records and legal agreements from major US banks.

Exploitation Status

The exploitation status is currently unknown. Monitor vendor advisories and security bulletins for updates.

Timeline

Newly disclosed

Remediation

Not specified

Additional Information


Related Topics: This incident relates to Ransomware, Data Breach.

Related Coverage

After Bluesky, Mastodon Targeted in DDoS Attack

SecurityWeek

Mastodon, a popular decentralized social media platform, recently experienced a significant DDoS (Distributed Denial of Service) attack that resulted in a major outage. The attack disrupted services for users, but the Mastodon team managed to mitigate the impact within just a few hours. This incident follows a similar attack on Bluesky, another social media platform, raising concerns about the security of these emerging online spaces. DDoS attacks can overwhelm servers with traffic, making services unavailable to legitimate users, which can erode trust and lead to user migration. The quick response from Mastodon demonstrates their commitment to maintaining service availability, but it also highlights the ongoing risks faced by platforms that rely on decentralized architectures.

Apr 22, 2026

Critical BRIDGE:BREAK flaws impact Lantronix and Silex Technology converters

Security Affairs

Researchers at Forescout Research Vedere Labs discovered 22 vulnerabilities, known as BRIDGE:BREAK flaws, in serial-to-IP converters made by Lantronix and Silex Technology. These flaws impact around 20,000 devices, which are used to connect older serial equipment to modern IP networks. The vulnerabilities could allow attackers to hijack devices or tamper with data, posing significant risks for users relying on these converters for remote monitoring and management. This situation is concerning as it not only affects the integrity of device operations but also exposes sensitive information to potential breaches. Companies using these devices should take immediate action to assess their systems and implement necessary security measures.

Apr 22, 2026

Surge in Silent Subject Phishing Attacks Targets VIP Users

Infosecurity Magazine

Recent reports indicate a rise in silent subject phishing attacks specifically targeting VIP users. These attacks manage to evade traditional email filters by using blank subject lines, making them harder to detect. Attackers are employing QR codes and remote monitoring and management (RMM) tools to carry out these schemes. The focus on high-profile individuals means that the potential for financial loss or data breaches is significant. As this trend grows, it is crucial for organizations to enhance their email security measures and educate users on recognizing suspicious communications.

Apr 22, 2026

Most Serious Cyberattacks Against the UK Now From Russia, Iran and China, Cyber Chief Says

SecurityWeek

The UK's cybersecurity chief has warned that British businesses must brace for potential cyberattacks from Russia, Iran, and China, especially if the country becomes involved in an international conflict. These nations are identified as the primary sources of serious cyber threats against the UK. The official emphasized the need for businesses to enhance their defenses to avoid being targeted at scale, which could disrupt operations and compromise sensitive data. This warning comes amid growing tensions globally, suggesting that the risk of cyberattacks may escalate as geopolitical situations evolve. Companies are urged to take proactive measures to safeguard their systems and data against these heightened threats.

Apr 22, 2026

New Wiper Malware Targeted Venezuelan Energy Sector Prior to US Intervention

SecurityWeek

A new malware strain known as Lotus Wiper has been identified targeting the Venezuelan energy sector. This malicious software is designed to disrupt recovery systems by overwriting drives and systematically deleting files, posing a significant threat to the infrastructure of the energy industry. The timing of this attack is particularly notable as it occurred just before a U.S. intervention in Venezuela, raising concerns about the geopolitical implications of cyberattacks in sensitive sectors. Energy companies in Venezuela should be particularly vigilant and assess their cybersecurity measures to protect against such destructive malware. The incident underscores the persistent risk that state-sponsored or politically motivated cyberattacks pose to critical infrastructure.

Apr 22, 2026

Mirai Botnet Targets Flaw in Discontinued D-Link Routers

SecurityWeek

The Mirai botnet is exploiting a command injection vulnerability found in certain discontinued D-Link routers. This issue emerged about a year after the vulnerability was publicly disclosed and proof-of-concept exploit code was released. Users of these routers are at risk, as the botnet can take control of the devices, potentially turning them into part of a larger network for launching attacks. The fact that these routers are no longer supported by D-Link means that affected users will not receive any official security updates or patches, leaving them vulnerable. It's crucial for individuals and organizations still using these routers to take immediate action to secure their networks, as the exploitation is ongoing.

Apr 22, 2026