ransomware

Malware & Threats

Issued by: Security Affairs

Cisco warns that a zero-day vulnerability (CVE-2023-20269) in Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) is actively exploited by ransomware groups to gain initial access to corporate networks. An unauthenticated, remote attacker can exploit the vulnerability to conduct a brute force attack in an attempt to identify valid username and password combinations…

Malware & Threats

Issued by: DataBreach Today

Swedish DPA Fines Insurer The Swedish data protection authority fined insurer Trygg-Hansa $3 million for a data breach that exposed the sensitive information of approximately 650,000 customers through the company’s online portal. The data protection authority’s investigation revealed the exposure had gone on for over two years, from October 2018 to February 2021. The breach…

Malware & Threats

Issued by: DataBreach Today

When is a LockBit ransomware attack not actually a LockBit attack? Cyber defenders are reporting a profusion of attacks involving stolen or reused strains of ransomware. Blame a variety of factors, including law enforcement crackdowns on big-name brands, evolving ransomware business models and at least one case of a ransomware group leader with poor people…

Malware & Threats

Issued by: DataBreach Today

After the attack comes the bill: Ransomware and data-exfiltration attacks continue to stick victims with serious cleanup, legal and other costs. Cloud computing giant Rackspace has so far spent $10.8 million responding to an attack against its hosted Exchange environment by the Play ransomware group that began late last November, the company said in an…

Vulnerabilities

Issued by: DataBreach Today

The Cuba ransomware group is exploiting a bug in data backup software exposed in March, warn security researchers. The Russian-speaking gang is deploying a combination of new and old tools, including a high-severity vulnerability in a backup application made by software developer Veeam, said BlackBerry. The Russian-speaking gang is deploying a combination of new and…

News

Issued by: DataBreach Today

The Biden administration says it want to get ahead of ransomware attacks against schools before tens of millions of pupils resume studies later this month. Typically understaffed and underfunded when it comes to cybersecurity, American K-12 schools have experienced a ramp-up in ransomware attacks, particularly after the novel coronavirus pandemic forced hasty adoption of remote…

Malware & Threats

Issued by: CSO Online

An apparently innocuous cloud hosting provider may be fronting for an Iran-based company that provides command-and-control services to ransomware attackers, according to a report published this week by security consultant and anti-ransomware vendor Halcyon. Cloudzy, the report said, is primarily a virtual private server provider, which accepts cryptocurrency as payment for its services. Halcyon said…

Malware & Threats

Issued by: DataBreach Today

The Clop group’s mass exploitation of MOVEit file-transfer software represents the latest stage of innovation in the ever-evolving ransomware ecosystem. As with all cybercrime, criminals’ imperative is simple: maximize illicit profits via the least amount of effort, time and risk. Russian-speaking criminal group Clop’s attacks have affected at least 421 organizations – and likely many…