Skip to content

External Attack Surface Management

Clop Ransomware Gang Oracle E-Business Suite Data Breach

Date of Incident: August 2024 Overview: In August 2024, the Clop ransomware gang exploited a zero-day vulnerability in Oracle E-Business Suite to breach Harvard University’s systems in the education sector. The incident, affecting a limited number of parties within a small administrative unit, involved unauthorized remote code execution that allowed the attackers to encrypt files… Read More »Clop Ransomware Gang Oracle E-Business Suite Data Breach

Discord Zendesk Support System Data Breach

Date of Incident: September 20, 2025 Overview: In September 2025, Discord experienced a significant data breach involving their Zendesk support system, affecting 5.5 million users. Attackers exploited weaknesses in Zendesk’s access controls, leading to the theft of 1.6 terabytes of data. This included sensitive information such as government IDs, partial payment information, emails, and phone… Read More »Discord Zendesk Support System Data Breach

Weekly Report: New Hacking Techniques and Critical CVEs 30 Sep – 07 Oct, 2025

This week marked a critical escalation in the global cybersecurity threat landscape, with multiple zero-day vulnerabilities actively exploited in the wild, sophisticated ransomware campaigns targeting multinational corporations, and the emergence of new threat actor alliances. The period was characterized by seven major incidents spanning enterprise software vulnerabilities, gaming platform compromises, and coordinated cybercriminal operations. Key… Read More »Weekly Report: New Hacking Techniques and Critical CVEs 30 Sep – 07 Oct, 2025

Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 30 Sep – 07 Oct, 2025

The first week of October 2025 witnessed a significant escalation in cybersecurity incidents affecting major organizations across multiple sectors including aviation, insurance, automotive, gaming, telecommunications, and software industries. This week’s incidents demonstrate sophisticated attack methodologies ranging from credential stuffing campaigns to ransomware deployment and supply chain compromises. Ten major incidents impacted over 5.5 million individuals… Read More »Weekly Cybersecurity Intelligence Report Cyber Threats & Breaches 30 Sep – 07 Oct, 2025

DraftKings Credential Stuffing Account Breach

Date of Incident: 2024-10-02 Overview: The DraftKings Credential Stuffing Account Breach, reported on October 7, 2025, involved attackers accessing customer accounts through credential stuffing techniques on October 2, 2024. This attack utilized automated login attempts with stolen credentials from other breaches, affecting personal details such as names, addresses, and transaction history. Although government IDs and… Read More »DraftKings Credential Stuffing Account Breach

Use Cases
Technology
About
Partner
Resources

FireCompass – An EC Council Ecosystem Company.
©2025 . All Rights Reserved.