Stopping the ransomware epidemic is less about tackling individual crypto-locking malware variants and more about combating the entire ecosystem of bad actors underpinning digital extortion, the British government said Monday. Behind any infection from name-brand ransomware such as LockBit or BlackCat lies a loose network of affiliates, initial access brokers and other actors, warned the…

Cisco warns that a zero-day vulnerability (CVE-2023-20269) in Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) is actively exploited by ransomware groups to gain initial access to corporate networks. An unauthenticated, remote attacker can exploit the vulnerability to conduct a brute force attack in an attempt to identify valid username and password combinations…

Swedish DPA Fines Insurer

The Swedish data protection authority fined insurer Trygg-Hansa $3 million for a data breach that exposed the sensitive information of approximately 650,000 customers through the company’s online portal. The data protection authority’s investigation revealed the exposure had gone on for over two years, from October 2018 to February 2021. The breach…

The new Caldera for OT extension is the result of a collaboration between the Homeland Security Systems Engineering and Development Institute (HSSEDI) and CISA, to help improve the resilience of critical infrastructure. The Caldera cybersecurity platform provides automated adversary emulation, security assessments, and red-, blue-, and purple-teaming, and uses the MITRE ATT&CK framework as its…

When is a LockBit ransomware attack not actually a LockBit attack? Cyber defenders are reporting a profusion of attacks involving stolen or reused strains of ransomware. Blame a variety of factors, including law enforcement crackdowns on big-name brands, evolving ransomware business models and at least one case of a ransomware group leader with poor people…

Chinese espionage hackers behind an eight-month campaign to hack Barracuda email security appliances intensified their focus on high-priority targets around the time the company moved to fix the zero-day flaw behind the campaign. Within roughly a week of Barracuda’s late-May public disclosures of the zero-day flaw affording Chinese hackers access to its ESG line of…

After the attack comes the bill: Ransomware and data-exfiltration attacks continue to stick victims with serious cleanup, legal and other costs. Cloud computing giant Rackspace has so far spent $10.8 million responding to an attack against its hosted Exchange environment by the Play ransomware group that began late last November, the company said in an…

The cyberespionage operation, tagged with the moniker Flax Typhoon, hacks into organizations by exploiting known vulnerabilities in public-facing servers and then using legitimate tools built into the Windows operating system and otherwise benign software to quietly remain in these networks. “Because this activity relies on valid accounts and living-off-the-land binaries (LOLBins), detecting and mitigating this…