The Cyber Express
Banco Santander Confirms Data Breach, Assures Customers’ Transactions Remain Secure
Santander, one of the largest banks in the eurozone, confirmed that an unauthorized party had gained access to a database
The Cyber Express
Santander Confirms Data Breach, Assures Customers’ Transactions Remain Secure
Santander, one of the largest banks in the eurozone, confirmed that an unauthorized party had gained access to a database
Cyber Security News
University System of Georgia Says 800,000 Students Impacted in MOVEit Hack
The University System of Georgia (USG) announced that the confidential information of approximately 800,000 students, faculty, and staff was exposed in the recent MOVEit data breach.
SecurityWeek
University System of Georgia Says 800,000 Impacted by MOVEit Hack
University System of Georgia says Social Security numbers and bank account numbers were compromised in the May 2023 MOVEit hack.
CyberNews
Data incident at University System of Georgia exposes bank account numbers
The University System of Georgia, a US government agency, has suffered a data incident via the infamous MOVEit Transfer hack.
Security Magazine
Vulnerability exploitation on the rise
The most commonly exploited vulnerabilities.
The Cyber Express
CL0P Lists McKinley Packing, Pilot, and Pinnacle Engineering as Latest Victims
The CL0P ransomware group has listed 3 additional victims on its leak site. The mentioned victims include: McKinley Packing, Pilot
DarkReading
Verizon DBIR: Basic Security Gaffes Cause Breach Surge
MOVEit drove a big chunk of the increase, but social engineering and failure to patch led to a doubling of data breaches since 2023, said Verizon Business.
SC Magazine
Verizon’s 2024 Data Breach Investigations Report: 5 key takeaways
Vulnerability exploits, pure extortion and internal risks are on the rise, while AI threats fall short.
Trend Micro
Trend Micro Collaborated with Interpol in Cracking Down Grandoreiro Banking Trojan
In this blog entry, we discuss Trend Micro's contributions to an Interpol-coordinated operation to help Brazilian and Spanish law enforcement agencies analyze malware samples of the Grandoreiro banking trojan.
The Hacker News
Ransomware Double-Dip: Re-Victimization in Cyber Extortion
Major cybercrime groups are under attack by police. But are these takedowns effective? Some groups vanish, others bounce back in DAYS.
The Cyber Express
Consol Energy Targeted in Cyberattack: Russian Cyber Army Claims Responsibility
The Cyber Army Russia has claimed a cyberattack on Consol Energy, a prominent American energy company headquartered in Cecil Township,
CyberNews
Wave of ransomware on the cheap: junk guns still okay for small targets
Researchers observe a flood of crude and amateurish ransomware. But it’s cheap, difficult to trace, and comes in many flavors.
The Hacker News
Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers
Akira Ransomware group has already extorted roughly $42 million from over 250 victims globally. They are now targeting both Windows and Linux systems.
The Hacker News
FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor
FIN7, a notorious cybercrime group, is targeting the U.S. automotive industry with spear-phishing attacks.
.webp)
Cyber Security News
Data Center Ransomware Attacks on Rise: Microsoft SQL Server is Prime Target
Microsoft SQL Server is one of the most popular databases deployed globally and an irresistible target for ransomware Attacks.
SC Magazine
LockBit copycat DarkVault spurs rebranding rumor
Several impersonators have used LockBit’s branding and leaked builder in their attacks.
The Hacker News
CL0P's Ransomware Rampage - Security Measures for 2024
CL0P ransomware emerges as a major player in the cybercrime world! From "bed bug" beginnings to a global threat, this group's aggressive tactics are r
The Hacker News
The Drop in Ransomware Attacks in 2024 and What it Means
Q1 2024 had 22% less ransomware attacks than Q4 2023. Why is that and is it a trend that will continue?
The Hacker News
CISA Alerts on Active Exploitation of Flaws in Fortinet, Ivanti, and Nice Products
CISA adds 3 security flaws to its Known Exploited Vulnerabilities catalog, citing active exploitation evidence
The Hacker News
TeamCity Flaw Leads to Surge in Ransomware, Cryptomining, and RAT Attacks
Multiple threat actors exploit security flaws in JetBrains TeamCity to deploy ransomware, crypto miners, Cobalt Strike beacons, and Spark RAT
SecurityWeek
Aiohttp Vulnerability in Attacker Crosshairs
A recently patched Aiohttp vulnerability tracked as CVE-2024-23334 is being targeted by threat actors, including by a ransomware group.
Security Affairs
PoC exploit for critical RCE in Fortra FileCatalyst tool released
Fortra addressed a critical remote code execution vulnerability impacting its FileCatalyst file transfer product.
The Hacker News
Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool
Fortra patches critical flaw in FileCatalyst transfer tool. Vulnerability allows remote code execution via directory traversal.
CyberNews
LockBit back online, already targeting hospitals with ransomware
The LockBit ransom gang is back up since global police allege it decimated the group’s infrastructure and claimed the Ernest Health hospital network as its latest victim.
SecurityWeek
Toward Better Patching — A New Approach with a Dose of AI
Use of AI to help vulnerability prioritization approaches suggests an exciting future for AI-assisted methods to vulnerability triaging.
SecurityWeek
Cyber Insights 2024: Ransomware
The ransomware threat will continue to grow and expand. It is the quintessential business plan for cybercriminals.
SC Magazine
ConnectWise exploit could spur ‘ransomware free-for-all,’ expert warns
Thousands of ScreenConnect servers are at risk of takeover from a CVSS 10-scored vulnerability.
Trend Micro
Trend Micro and INTERPOL Join Forces Again for Operation Synergia
Trend and other private entities recently contributed to INTERPOL’s Operation Synergia, a global operation that successfully took down over 1,000 C&C servers and identified suspects related to phishing, banking malware, and ransomware activity.
DarkReading
Median Ransomware Demands Grow to $600K a Pop
The now-disrupted LockBit gang outpaced its competitors in volume in 2023, as ransom amounts spiked 20% year-over-year.
Bleeping Computer
Ransomware Groups, Targeting Preferences, and the Access Economy
The cybercrime ecosystem has created a supply chain of stolen accounts and breached networks that are used to fuel ransomware attacks and data breaches. Learn more from Flare about how this supply chain has led to an explosion of cybercrime.
SecurityWeek
Cyber Insights 2024: Supply Chain
Supply chain security: A successful attack against a supplier can lead to multiple opportunities against the supplier’s downstream customers
The Cyber Express
US Law Firm Bronstein & Carmona Hit by CL0P Ransomware: Client Data at Risk
Bronstein & Carmona, a law firm based in the US, is under suspicion of falling prey to the notorious CL0P
SecurityWeek
Hunter-Killer Malware Tactic Growing: Stealthy, Persistent and Aggressive
A malware tactic dubbed ‘hunter-killer’ is growing and may become the standard approach for advanced attacks.
The Hacker News
U.S. Offers $10 Million Bounty for Info Leading to Arrest of Hive Ransomware Leaders
U.S. Department of State is offering up to $10 million for information on Hive ransomware operators.
Cyber Security News
Ransomware Payments Hitting Record High, Exceed $1 Billion
A new report by Chainalysis found that ransomware payments reached a staggering $1 billion in 2023, highlighting the growing threat posed by cybercrime.
CyberNews
Record $1.1 billion paid in ransoms in 2023
2023 marked a major comeback for cyber gangs deploying ransomware, who received a record-breaking sum of at least $1.1 billion in ransom payments.
SC Magazine
Ransomware payments breached $1 billion in 2023, a first
The MOVEit hack and growth of RaaS helped drive record-breaking ransomware revenue, analysts say.
PCMag
Ransomware Attacks Rake in Over $1 Billion in 2023 for New Record
Payments to ransomware attackers surge in 2023, doubling in value from the previous year, according to data from Chainalysis.
SecurityWeek
Schneider Electric Responding to Ransomware Attack, Data Breach
Schneider Electric’s Sustainability Business division disrupted as a result of a ransomware attack and data breach.
DarkReading
Fortra Discloses Critical Auth Bypass Vuln in GoAnywhere MFT
PoC exploit code for flaw is publicly available, heightening breach risks for users of the managed file transfer technology.
The Cyber Express
Indian Legal Powerhouse S&A Law Hit by CL0P Ransomware Attack
The CL0P ransomware group has claimed responsibility for compromising India-based S&A Law Offices, a leading firm offering litigation services, commercial
The Hacker News
Patch Your GoAnywhere MFT Immediately - Critical Flaw Lets Anyone Be Admin
GoAnywhere users, listen up! Critical bug (CVE-2024-0204) lets anyone become admin. Update to 7.4.1 immediately.
SecurityWeek
Outsmarting Ransomware’s New Playbook
By ensuring that all sensitive data is effectively encrypted, organizations render any exfiltrated data useless to attackers.
CyberNews
Ransomware landscape overview 2023
This research article aims to provide a comprehensive overview of ransomware group activity throughout the year 2023.
The Hacker News
3 Ransomware Group Newcomers to Watch in 2024
2023 witnessed a shocking 55.5% increase in ransomware victims! Over 4,368 cases reported globally. Stay ahead in the cybersecurity game.
CyberNews
Toronto Zoo hit by ransomware attack
The largest zoo in Canada, Toronto Zoo, was hit by a ransomware attack on Friday, January 5th, affecting systems and some information about visitors, members, and donors.
The Cyber Express
Data Breach Hits US Department of Transportation, Aviation Records Compromised
A threat actor known as IntelBroker has claimed responsibility for a major data breach targeting the United States Department of
CyberNews
Barrick Gold breach exposes thousands of Social Security numbers
Barrick Gold data leak exposed thousands of Social Security numbers.
The Cyber Express
Decoding Hackers in 2023: The Year’s Most Disruptive Cybercriminals and Cybercrime Syndicates
The year 2023 witnessed a surge in high-profile cyberattacks, leaving organizations shattered and the world in chaos. This digital turmoil
CyberNews
Top ten biggest security incidents of 2023
External actors are responsible for the vast majority (83%) of breaches.
Cyber Security News
Top 10 Vulnerabilities That Were Exploited the Most In 2023
Some of the vulnerabilities were added to the CISA’s Known Exploited Vulnerabilities catalog marking them as extremely important to patch.
Infosecurity News
2023 Cyber Threats: 26,000+ Vulnerabilities, 97 Beyond CISA List
The Qualys report also showed over 7000 vulnerabilities had proof-of-concept exploit code
SecurityWeek
Delta Dental of California Discloses Data Breach Impacting 6.9 Million People
Delta Dental of California says over 6.9 million individuals were impacted by a data breach caused by the MOVEit hack.
The Cyber Express
Cyber Chaos 2023: Decoding the Year’s Most Daring Hacks
The year 2023 stands as a pivotal moment in the ongoing evolution of cyber threats. Witnessing the emergence of new
HACKRead
Delta Dental Hit with 7 Million User Data Breach in MOVEit-Linked Attack
Since its emergence in May 2023, the MOVEit vulnerability has been exploited by the Russian-linked Cl0p ransomware gang, revealing their involvement in the breach.
CyberNews
Largest US dental insurer breached in MOVEit attack, 7M exposed
Dental insurance company Delta Dental has become yet another victim of the MOVEit Transfer zero-day flaw exploitation campaign.
DarkReading
Ransomware Gangs Use PR Charm Offensive to Pressure Victims
Threat actors fully embrace the spin machine: rebranding, speaking with the media, writing detailed FAQs, and more, in an effort to make headlines.
CyberNews
Spider-Man game creator claimed by ransom gang
Rhysida claims to have stolen “exclusive, unique, and impressive data” from Insomniac, but there are no details as to the amount or contents.
SC Magazine
Thanksgiving week ransomware attack hits Ardent Health hospitals in 6 states
More than 200 sites of care and 30 hospitals in Ardent Health Services' system were affected by the ransomware attack, which was discovered Thanksgiving morning.
The Cyber Wire
Ransomware attacks against healthcare organizations.
Why criminals find healthcare organizations attractive targets.
Security Affairs
Welltok data breach impacted 8.5 million patients in the U.S.
Healthcare services provider Welltok disclosed a data breach that impacted nearly 8.5 million patients in the U.S.
Security Affairs
Automotive parts giant AutoZone disclosed data breach after MOVEit hack
American retailer and distributor of automotive parts and accessories AutoZone discloses a data breach after a MOVEit attack
SecurityWeek
185,000 Individuals Impacted by MOVEit Hack at Car Parts Giant AutoZone
Car parts giant AutoZone says nearly 185,000 individuals were impacted by a data breach caused by the MOVEit hack.
The Record
Cyberattackers leaked data of 27,000 NYC Bar Association membersers
The Clop ransomware gang claimed to have attacked the organization in January. Eleven months later, the New York City Bar Association has finally acknowledged the incident.
CyberNews
AutoZone adds itself to MOVEit victim list
US automotive parts giant says up to nearly 185,000 people may have been affected by cyberattack earlier this year.
CyberNews
Welltok MOVEit hack impacts 1.6M individuals
Welltok MOVEit Trasnfer breach impacted millions of individuals.
CyberNews
MESVision attack exposes nearly 350K individuals
MESVision fell victim in MOVEit Trasnfer hack, exposing hundreds of thousands of victims.
Cyber Security News
MOVEit Hackers Turn to SysAid Servers Zero-Day Vulnerability
SysAid disclosed a zero-day which was affecting on-premises SysAid servers. The vulnerability was found to be a path traversal vulnerability.
CyberNews
1.3M impacted in the State of Maine data breach
The State of Maine data breach exposed over a million of its residents.
CyberNews
Allen & Overy law firm breached, LockBit takes credit
Top global law firm Allen & Overy (A&O) said some of its systems have been impacted due to a “data incident” claimed by the LockBit ransomware group.
The Hacker News
Zero-Day Alert: Lace Tempest Exploits SysAid IT Support Software Vulnerability
Microsoft exposes Lace Tempest's latest move: exploiting a zero-day flaw in SysAid IT support software.
DataBreaches
MOVEit hackers leverage new zero-day bug to breach organizations (CVE-2023-47246)
Helga Labus reports: A critical zero-day vulnerability (CVE-2023-47246) in the SysAid IT support and management software solution is being exploited by Lace...
Cyber Security News
Over 700 Zero-Day Vulnerabilities Identified in Q3 2023: Mitigation Methods on WAAP
A "zero-day vulnerability" is a security flaw or weakness in a software application, operating system, or hardware device unknown to the vendor or the public.
SecurityWeek
SEC Investigating Progress Software Over MOVEit Hack
Progress Software confirms the SEC has launched its own investigation into costly ransomware zero-days in the MOVEit file transfer software.
The Record
Progress Software facing dozens of class action lawsuits, SEC investigation following MOVEit incident
The company told the Securities and Exchange Commission that it is facing 58 class action lawsuits, as well as inquiries from a variety of agencies, in relation to the MOVEit cyberattacks.
SecurityWeek
Sony Confirms Data Stolen in Two Recent Hacker Attacks
Sony shares information on the impact of two recent unrelated hacker attacks carried out by known ransomware groups.
-1.webp)
Cyber Security News
Sony Breached Via MOVEit Zero-Day Vulnerability
Sony Interactive Entertainment (SIE) discloses a cybersecurity breach caused by the exploitation of a zero-day vulnerability in MOVEit.
DataBreaches
HC3: Sector Alert Progress Software WS_FTP Critical Vulnerabilities
Progress Software WS_FTP Critical Vulnerabilities Executive Summary Progress Software, the maker of the MOVEit file transfer software which was widely...
CSO
ShadowSyndicate Cybercrime gang has used 7 ransomware families over the past year
Researchers from Group-IB believe it's likely the group is an independent affiliate working for multiple ransomware-as-a-service operations
DarkReading
Move Over, MOVEit: Critical Progress Bug Infests WS_FTP Software
In the wake of Cl0p's MOVEit rampage, Progress Software is sending file-transfer customers scrambling again — this time to patch a critical bug that is easily exploitable with a specially crafted HTTPS POST request.
SecurityWeek
In Other News: RSA Encryption Attack, Meta AI Privacy, ShinyHunters Hacker Guilty Plea
New RSA encryption attack, Meta’s AI privacy safeguards, and ShinyHunters hackers’ guilty plea in the United States
The Hacker News
Progress Software Releases Urgent Hotfixes for Multiple Security Flaws in WS_FTP Server
Progress Software releases hotfixes for critical CVE-2023-40044 and 7 other vulnerabilities in WS_FTP Server
Cyber Security News
ShadowSyndicate: A New Raas Provider Launching Multiple Ransomware Attacks
A new Ransomware-as-a-service (RaaS) provider has been discovered by researchers, which notably uses multiple ransomware families and is found to have links with several ransomware attacks since July 2022.
DarkReading
Researchers Uncover RaaS Affiliate Distributing Multiple Ransomware Strains
Ransomware-as-a-service affiliate ShadowSyndicate is unusual for the size of its malicious infrastructure and the fact that it's distributing seven different ransomware strains.
Infosecurity News
ShadowSyndicate Investigation Reveals RaaS Ties
The investigation was conducted by Group-IB, Bridewell and threat researcher Michael Koczwara
The Hacker News
ShadowSyndicate: A New Cybercrime Group Linked to 7 Ransomware Families
Cyber experts uncover a new threat: ShadowSyndicate. Explore their connections to ransomware and the latest findings from cybersecurity experts.
DarkReading
Akira Ransomware Mutates to Target Linux Systems, Adds TTPs
The newly emerged ransomware actively targets both Windows and Linux systems with a double-extortion approach.
SecurityWeek
3 Malware Loaders Detected in 80% of Attacks: Security Firm
QakBot, SocGholish, and Raspberry Robin are the three most popular malware loaders, accounting for 80% of the observed incidents.
The Hacker News
LockBit 3.0 Ransomware Builder Leak Gives Rise to Hundreds of New Variants
The leak of LockBit 3.0 ransomware builder has led to the emergence of various new cyber threats: Bl00dy, Buhti, and NATIONAL HAZARD AGENCY.
SecurityWeek
Nearly 1,000 Organizations, 60 Million Individuals Impacted by MOVEit Hack
Nearly 1,000 organizations and 60 million individuals are impacted by the MOVEit hack, and the Cl0p ransomware gang is leaking stolen data.
DarkReading
Ransomware Reaches New Heights
It's not going anywhere: Easy-to-exploit bugs like MOVEit, leaks of stolen data, and rapid-fire escalation are keeping ransomware attacks as painful as ever.
SecurityWeek
Cybersecurity Companies Report Surge in Ransomware Attacks
Cybersecurity companies have released a dozen ransomware reports in recent weeks and most of them show a surge in attacks.
DarkReading
Chinese APT Targets Hong Kong in Supply Chain Attack
Dubbed Carderbee, the group used legitimate software and Microsoft-signed malware to spread the Korplug/PlugX backdoor to various Asian targets.
CyberScoop
Previously unknown hacking group targets Hong Kong organizations in supply chain cyberattack
The unknown and unattributed hackers compromised legitimate software in apparent focused attack, researchers said.
SecurityWeek
Rapid7 Says ROI for Ransomware Remains High; Zero-Day Usage Expands
Rapid7 says criminal ransomware gangs could easily be able to purchase and use bevy of zero-day exploits for vulnerable enterprise software.
Infosecurity News
Ransomware Surges With 1500 Confirmed Victims This Year
A Rapid7 report finds there have been at least 1500 ransomware victims in the first half of 2023
Bleeping Computer
Triple Extortion Ransomware and the Cybercrime Supply Chain
Ransomware attacks continue to grow both in sophistication and quantity. Learn more from Flare about ransomware operation's increasing shift to triple extortion.
The Hacker News
CISA Adds Citrix ShareFile Flaw to KEV Catalog Due to In-the-Wild Attacks
Citrix ShareFile under attack! Learn about ongoing exploitation of CVE-2023-24489 and how to defend your systems.
Security Affairs
Colorado HCPF Department notifies 4 million individuals after IBM MOVEit breach
The Colorado Department of Health Care Policy & Financing (HCPF) disclose a data breach after MOVEit attack on IBM. The Colorado Department of Health Care Policy & Financing (HCPF) disclosed a data breach that impacted more than four million individuals. The incident is the result of a MOVEit attack on IBM, threat actors accessed the […]
Loading more articles....