ransomware

Malware & Threats

Issued by: Security Affairs

Progress is informing customers of a new critical SQL injection vulnerability, tracked as CVE-2023-36934, in its MOVEit Transfer software. MOVEit Transfer software recently made the headlines due to the massive Clop ransomware hacking campaign exploiting a vulnerability in the product. The flaw CVE-2023-36934 impacts software versions released before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7…

Malware & Threats

Issued by: Dark Reading

Cargo containers filled with imports and exports from all over the world have been stuck at the Port of Nagoya following a ransomware attack on its networks early Tuesday morning. The port is the largest in Japan and the central shipping hub for international carmaker Toyota. According to its operator, Nagoya Harbor Transportation, it received…

Malware & Threats

Issued by: DataBreach Today

Critical services in the Netherlands could be a potential target of ransomware and hacktivist attackers with ties to Russia as a means to sow large-scale disruptions in the country, according to a Dutch National Cyber Security Centre warning this week. Although the Russian invasion of Ukraine did not immediately result in a high-level of attacks…

Malware & Threats

Issued by: Naked Security

The latest high-profile cybercrime exploits attributed to the Clop ransomware crew aren’t your traditional sort of ransomware attacks (if “traditional” is the right word for an extortion mechanism that goes back only to 1989). Conventional ransomware attacks are where your files get scrambled, your business gets totally derailed, and a message appears telling you that…

Vulnerabilities

Issued by: DataBreach Today

The company behind the MOVEit managed file transfer application is urging customers into a new round of emergency patching after identifying additional vulnerabilities. Progress Software in a Friday update said it had identified additional SQL injection vulnerabilities allowing attackers access to the MOVEit transfer database. “These newly discovered vulnerabilities are distinct from the previously reported…

News

Issued by: DataBreach Today

Security researchers have discovered an Iran-linked APT group carrying out a new chain of ransomware attacks using a new strain of malware against Israeli organizations. Researchers at Check Point found a ransomware strain called Moneybird that is reminiscent of the Iranian Agrius group’s previous campaigns. Agrius gained notoriety for targeting Israel-based entities with wiper variants,…

Malware & Threats

Issued by: DataBreach Today

A Russian man the U.S. federal government says has been a key actor in Russian ransomware hacking faces indictment in two American jurisdictions, economic sanctions and a $10 million reward for information leading to his arrest. The man, Mikhail Matveev, 31, aka Wazawaka, was a central figure of the Babuk ransomware-as-a-service gang. Babuk became inactive…

News

Issued by: Dark Reading

A newly discovered ransomware gang dubbed RA Group is ramping up its cyberattacks — the latest in a line of threat actors leveraging the leaked Babuk source code. The group distinguishes itself from the rest of the Babuk pack, however, with a highly customized approach. According to an analysis from Cisco Talos this week, RA…

Vulnerabilities

Issued by: Security Affairs

The FBI and CISA issued a joint advisory warning that the Bl00dy Ransomware group is actively targeting the education sector by exploiting the PaperCut remote-code execution vulnerability CVE-2023-27350. The Bl00dy ransomware has been active since May 2022, it has been the first group that started using the leaked LockBit ransomware builder in attacks in the…

News

Issued by: DataBreach Today

Dragos Industrial cybersecurity company Dragos disclosed a likely attempted ransomware attack. In a post it characterizes as a bid to destigmatize security events, the company said a “known cybersecurity group” attempted but failed to gain control of a Dragos system. It did retrieve 25 intelligence reports normally only available to customers. The group pivoted to…