A newly discovered ransomware gang dubbed RA Group is ramping up its cyberattacks — the latest in a line of threat actors leveraging the leaked Babuk source code. The group distinguishes itself from the rest of the Babuk pack, however, with a highly customized approach. According to an analysis from Cisco Talos this week, RA…

The FBI and CISA issued a joint advisory warning that the Bl00dy Ransomware group is actively targeting the education sector by exploiting the PaperCut remote code execution vulnerability CVE-2023-27350. The Bl00dy ransomware has been active since May 2022, and it was the first group to start using the leaked LockBit ransomware builder in attacks in the…

Stalking, extortion, and swatting are just a sampling of the cybercrimes UK citizen Joseph James O’Connor has confessed to committing — dating back to a spectacular 2020 Twitter caper where he hijacked famous accounts, including Elon Musk’s, to defraud victims. O’Connor (aka PlugwalkJoe), 23, was extradited from Spain to New York to face charges related…

The security of hundreds of Micro-Star International products is at risk due to hackers leaking private code signing keys stolen during a data breach last month. The Money Message ransomware group began leaking stolen data last Thursday after “no agreement” was reached with the Taiwanese PC vendor, the group said on its data leak site….

When Russia launched its all-out war against Ukraine in February 2022, many cybersecurity watchers feared ransomware groups would serve as a proxy force. But Moscow doesn’t appear to have deputized cybercrime-driven crypto-locking malware brigades. So said participants in a panel held Friday by the Institute for Security and Technology on the ransomware implications of the…

T-Mobile suffered its second data breach of 2023; threat actors had access to the personal information of hundreds of customers starting in late February 2023. The security breach impacted a limited number of customers, only 836 individuals. The carrier states that personal financial account information and call records were not affected by the security breach….

Hackers are actively exploiting PaperCut MF/NG print management software flaws (tracked as CVE-2023-27350 and CVE-2023-27351) in attacks in the wild. The threat actors were observed installing the Atera remote management software to take over vulnerable servers. On April 19th, print management software provider PaperCut confirmed that it is aware of the active exploitation of the…