IT Security Newsletter - 6/16/2023

Top News

Clop names a dozen MOVEit victims, but holds back details

Clop named a dozen victim organizations on its data-leak website Wednesday after the deadline for those compromised by the MOVEit vulnerabilities to contact the prolific ransomware group expired, ReliaQuest analysis shows. Last week, Clop, taking credit for exploiting Progress Software's MOVEit file-transfer service, set a deadline for victims to contact the group and begin negotiations to pay a ransom.

Hacking

Russian National Arrested, Charged in US Over Role in LockBit Ransomware Attacks

The US Justice Department on Thursday announced charges against a third Russian national allegedly involved in deploying the LockBit ransomware. The man, Ruslan Magomedovich Astamirov, 20, of Chechen Republic, Russia, who was arrested in Arizona, allegedly owned, controlled, and used multiple IP addresses, email addresses, and other online accounts to deploy the LockBit ransomware and communicate with victims.

Malware

Russian hackers use PowerShell USB malware to drop backdoors

The Russian state-sponsored hacking group Gamaredon (aka Armageddon or Shuckworm) continues to target critical organizations in Ukraine's military and security intelligence sectors, employing a refreshed toolset and new infection tactics. Previously, the Russian hackers, who have been linked to the FSB, were observed using information-stealers against Ukrainian state organizations, employing new variants of their "Pteranodon" malware, and also using a default Word template hijacker for new infections.


Fake Security Researcher Accounts Pushing Malware Disguised as Zero-Day Exploits

Exploit and vulnerability intelligence provider VulnCheck has issued a warning over fake security researcher accounts distributing malware disguised as zero-day exploits for popular software. The campaign was discovered in early May, when VulnCheck came across a GitHub repository hosting code that its author claimed to be a zero-day for the Signal messaging application.

Exploits/Vulnerabilities

Barracuda ESG devices actively exploited in broad, ongoing espionage campaign

A suspected threat actor affiliated with China is exploiting a subset of compromised Barracuda Email Security Gateway (ESG) devices to launch a widespread espionage campaign in support of the People's Republic of China, according to a report released Thursday by Mandiant. The threat actor, tracked as UNC4841, has been sending emails with malicious attachments since October 2022, in order to exploit the zero-day vulnerability disclosed in May.


XSS Vulnerabilities in Azure Led to Unauthorized Access to User Sessions

Two cross-site scripting (XSS) vulnerabilities in Azure Bastion and Azure Container Registry (ACR) could have led to unauthorized access to user sessions, data tampering, and service disruptions, cloud security firm Orca warns. The issues, resolved in April and May 2023, existed because of a weakness in the postMessage iframe, allowing an attacker to "embed endpoints within remote servers using the iframe tag" and execute malicious JavaScript code.

On This Date

  • ...in 1858, Abraham Lincoln delivers his House Divided speech in Springfield, Illinois.
  • ...in 1884, Coney Island opens the "Switchback Railway", the first true roller coaster, designed by inventor LaMarcus Adna Thompson.
  • ...in 1911, IBM is founded as the Computing-Tabulating-Recording Company in Endicott, NY.
  • ...in 1916, President Woodrow Wilson signs a bill incorporating the Boy Scouts of America.