Microsoft says the Clop ransomware group is exploiting a zero-day in IT support tool SysAid in “limited” attacks to access corporate servers and deploy Clop
blog post coming ASAP😜 Big thanks to @gleeda @HuskyHacksMK @DaveKleinatland @calebjstewart and the whole @HuntressLabs crew helping dig into this one! @swiftonsecurity : I'...
Rapid7: threat actors have exploited zero-day RCE flaws in Adobe ColdFusion and Citrix NetScaler; Citrix patched its flaw but Adobe issued an incomplete fix
The exploited code-execution flaws are the kind coveted by ransomware and nation-state hackers. — Organizations big and small …
The US and the UK sanction seven people based in Russia, with likely FSB ties, connected to the Conti and Ryuk ransomware gangs and the Trickbot banking trojan
on par with terrorism and military crisis between states. Cheyenne Ligon / CoinDesk : Russian Cybercrime Gang Trickbot Sanctioned by US, UK Maggie Miller / Politico : U.S., U.K. sa...
A look at crypto money laundering in 2022: illicit addresses sent nearly $23.8B, up 68% YoY, four addresses got $1B+ combined, DeFi got record funds, and more
The 2023 Crypto Crime Report — Money laundering is crucial to all financially motivated crime because it's what enables criminals …
Security researchers say a 16-year-old from England is the Lapsus$ group's mastermind; source: researchers identified seven unique accounts tied to Lapsus$
Cybersecurity researchers investigating a string of hacks against technology companies, including Microsoft Corp. and Nvidia Corp. …
Microsoft confirms Lapsus$ compromised “a single account” and stole portions of source code for some products, but says no customer code and data was involved
Lapsus$ says it has accessed data from Okta, Nvidia, Samsung, and Ubisoft — The hacking group Lapsus$ …
Google details Exotic Lily, a “financially-motivated threat actor” that works as an initial access broker for Russian hackers and ransomware gangs like Conti
Carly Page / TechCrunch :
Security researchers say Apple and EU plans to monitor phones for illicit material are ineffective and could embolden government surveillance
In August, Apple announced a system to check all our iPhones for illegal images … Jordan Robertson / Bloomberg : Apple's Child-Porn Tracking System Is Flawed, Report Says arXiv.org...
In a post on the REvil dark web blog, the gang takes credit for the Kaseya attack, claims it infected 1M+ systems, and demands $70M in bitcoin for the decryptor
The REvil ransomware gang is asking for a $70 million ransom payment to publish a universal decryptor that can unlock …
President Biden says he has directed US intelligence agencies to investigate the Kaseya ransomware attack and adds “we're not certain” who is behind the attack
Trevor Hunnicutt / Reuters :
Personally identifiable data of 533M Facebook users has been posted online; Facebook says the data comes from a leak that was reported on and fixed in 2019
- The personal data of over 500 million Facebook users has been posted online in a low-level hacking forum.
German media: a patient died after ransomware attack forced a hospital to send them elsewhere; hackers backed down after police told them target was a hospital
A person in a life-threatening condition passed away after being forced to go to a more distant hospital due to a ransomware attack.
Researchers detail the increasingly prevalent LockBit ransomware, which may one day reach parity with other feared ransomware packages like Maze or Ryuk
You've probably never heard of LockBit, but that's likely to change. — Ransomware has emerged as one of the top threats facing large organizations …
Investigation finds cyber insurers often prefer to pay the ransom for ransomware attacks, even when backup files could be recovered, to save claim costs
Even when public agencies and companies hit by ransomware could recover their files on their own, insurers prefer to pay the ransom. Why?