Quick show of hands: whose data hasn't been stolen in the mass exploitation of Progress Software's vulnerable MOVEit file transfer application? Anyone? According to security shop Emsisoft, 2,620 organizations and more than 77 million individuals have been impacted to date, with millions in the past week alone having received notifications that their info was either accessed, leaked, or both after the Russian ransomware gang Clop exploited a security hole in MOVEit back in May. READ MORE...
Cloud monitoring, log management, and SIEM tools provider Sumo Logic has completed its investigation into a recent security incident and the company says it has found no evidence of impact to customer data. "We are grateful to share that the diligent investigation led by our security and engineering teams uncovered no proof of customer data impact and no threat of customer data impact present," Sumo Logic said in an update shared on Monday. READ MORE...
The Canadian government has announced that information pertaining to its employees and to military and police personnel was exposed in a data breach at third-party services providers. The incident involved Brookfield Global Relocation Services (BGRS) and Sirva Canada, two moving and relocation services firms contracted by the Canadian government to provide relocation support to employees. READ MORE...
A recently discovered worm that researchers call LittleDrifter has been spreading over USB drives infecting systems in multiple countries as part of a campaign from the Gamaredon state-sponsored espionage group. Malware researchers saw indications of compromise in the United States, Ukraine, Germany, Vietnam, Poland, Chile, and Hong Kong, which suggests that the threat group lost control of LittleDrifter, which reached unintended targets. READ MORE...
The latest version of the LummaC2 malware-as-a-service includes a new anti-sandbox maneuver - version 4.0 knows trigonometry and can use it to track mouse movements to detect when a human user is active on a compromised computer. Sandboxing lets cybersecurity defenders run untrusted applications in an isolated environment, where their behavior can be tracked safely away from the rest of the network. READ MORE...
An Atlanta tech company's former COO has pleaded guilty to a 2018 incident in which he deliberately launched online attacks on two hospitals, later citing the incidents in sales pitches. Under a plea deal he signed last week, Vikas Singla, a former business leader at network security vendor Securolytics - a provider to healthcare institutions, among others - admitted that in September 2018 he rendered the Ascom phone system of Gwinnett Medical Center inoperable. READ MORE...
On October 10, the Cybersecurity and Infrastructure Security Agency (CISA) updated the Known Exploited Vulnerabilities (KEV) catalog with five known software flaws. At the top of the list: A use-after-free vulnerability in Adobe's Acrobat and Reader PDF-viewing applications that could allow code execution with the privileges of any user that clicked on a malicious file. READ MORE...
Attackers are exploiting a recently fixed vulnerability (CVE-2023-46604) in Apache ActiveMQ to install Kinsing malware and cryptocurrency miners on targeted Linux systems. Apache ActiveMQ is a popular Java-based open source message broker that allows communication between applications and services by translating messages exchanged via different protocols (OpenWire, STOMP, MQTT, AMQP, etc.). READ MORE...