
IT Security Newsletter - 3/24/2023


Breaches

City of Toronto confirms data theft, Clop claims responsibility

The City of Toronto is among the Clop ransomware gang's latest victims in the ongoing GoAnywhere hacking spree. Other victims listed alongside the Toronto city government include the UK's Virgin Red and the UK statutory corporation Pension Protection Fund. By exploiting a remote code execution flaw in Fortra's GoAnywhere secure file transfer tool, Clop claims to have breached more than 130 organizations so far.


GitHub publishes RSA SSH host key by mistake, issues update

GitHub has updated its SSH host keys after accidentally publishing the private half of its RSA key to the world. Whoops. A post on GitHub's security blog reveals that the company has changed its RSA SSH host key. This is going to cause connection errors, and some frightening warning messages, for a lot of developers, but it's all right: it's not scary cracker activity, just plain old human error.

Hacking

BreachForums to be shut down after all for fear of law enforcement infiltration

On March 15, 2023, US law enforcement arrested a man from New York accused of being the administrator of BreachForums, a well-known, and probably the largest, dark web marketplace where stolen data is leaked and sold. At first, a new administrator rose to the occasion and said they were working on a plan to get the forum through the problems caused by that arrest. But on Tuesday, March 21, 2023, this new administrator announced the decision to shut BreachForums down.

Software Updates

New CISA tool detects hacking activity in Microsoft cloud services

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has released a new open-source incident response tool that helps detect signs of malicious activity in Microsoft cloud environments. Known as the 'Untitled Goose Tool' and developed in collaboration with Sandia, a U.S. Department of Energy national laboratory, this Python-based utility can dump telemetry information from Azure Active Directory, Microsoft Azure, and Microsoft 365 environments.

Malware

New Android Malware Targets Customers of 450 Financial Institutions Worldwide

A threat actor is targeting customers of 450 banks and cryptocurrency services worldwide with a dangerous Android Trojan that has multiple features for hijacking online accounts and potentially siphoning funds out of them. The authors of the so-called "Nexus" Android Trojan have made the malware available to other threat actors via a newly announced malware-as-a-service (MaaS) program, where individuals and groups can rent or subscribe to the malware and use it in their own attacks.


CISA Gets Proactive With New Pre-Ransomware Alerts

The US Cybersecurity and Infrastructure Security Agency (CISA) this week announced a new initiative to alert organizations of early-stage ransomware attacks. Since the start of the year, the agency has notified more than 60 organizations in the energy, education, healthcare, water/wastewater, and other sectors. Many of these organizations were able to mitigate the attack before data was encrypted and exfiltrated.

Exploits/Vulnerabilities

Okta Post-Exploitation Method Exposes User Passwords

A post-exploitation attack method has been uncovered that allows adversaries to read cleartext user passwords for Okta, the identity and access management (IAM) provider, and gain far-ranging access into a corporate environment. Researchers from Mitiga discovered that the IAM system saves Okta user passwords to its audit logs if a user accidentally types the password into the "username" field when logging in.
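The defensive side of this finding is that the secret lands in a log field you already collect, so it can be found and scrubbed before the log is forwarded or shared. The script below is an added example for this newsletter, not code from Mitiga, Okta or the original article. It runs over a few constructed Okta-style System Log events (the field names `eventType`, `outcome.result` and `actor.alternateId` are an assumption about the export layout; adjust them to your own) and flags failed logins whose "username" value does not look like an email address or a plain handle but does look like a typed password, then returns a redacted copy suitable for onward forwarding.

```python
import copy
import re

# Constructed Okta-style System Log events for illustration (not real data).
# The field layout is an assumption; map it to your own log export.
SAMPLE_EVENTS = [
    {"uuid": "evt-1", "eventType": "user.session.start",
     "outcome": {"result": "SUCCESS"},
     "actor": {"alternateId": "alice@example.com"}},
    {"uuid": "evt-2", "eventType": "user.session.start",
     "outcome": {"result": "FAILURE", "reason": "VERIFICATION_ERROR"},
     "actor": {"alternateId": "Winter2023!Secret"}},   # password typed as username
    {"uuid": "evt-3", "eventType": "user.session.start",
     "outcome": {"result": "FAILURE", "reason": "VERIFICATION_ERROR"},
     "actor": {"alternateId": "bob.smith"}},           # ordinary typo'd handle
    {"uuid": "evt-4", "eventType": "user.authentication.auth_via_mfa",
     "outcome": {"result": "SUCCESS"},
     "actor": {"alternateId": "carol@example.com"}},
]

EMAIL_RE = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")
PLAIN_RE = re.compile(r"^[A-Za-z0-9._-]{1,64}$")   # bare handles such as bob.smith


def looks_like_secret(value):
    """Heuristic: the value is neither an email nor a plain handle, and it
    mixes at least three character classes (lower, upper, digit, symbol)
    the way most password policies force passwords to."""
    if EMAIL_RE.match(value) or PLAIN_RE.match(value):
        return False
    classes = sum(bool(re.search(p, value))
                  for p in (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]"))
    return classes >= 3 and len(value) >= 8


def find_suspect_events(events):
    """Return the uuids of failed login attempts whose username field
    looks like a password that was typed into the wrong box."""
    return [
        e["uuid"] for e in events
        if e.get("eventType") == "user.session.start"
        and e.get("outcome", {}).get("result") == "FAILURE"
        and looks_like_secret(e.get("actor", {}).get("alternateId", ""))
    ]


def redact(events):
    """Return a deep copy of the events with suspect username values
    replaced, so the log can be shipped to a SIEM without the secret."""
    suspects = set(find_suspect_events(events))
    out = []
    for e in events:
        e = copy.deepcopy(e)
        if e["uuid"] in suspects:
            e["actor"]["alternateId"] = "[REDACTED-POSSIBLE-PASSWORD]"
        out.append(e)
    return out


if __name__ == "__main__":
    for uuid in find_suspect_events(SAMPLE_EVENTS):
        print("possible password in username field:", uuid)
    for e in redact(SAMPLE_EVENTS):
        print(e["uuid"], e["actor"]["alternateId"])
```

The heuristic is a triage aid, not a guarantee: an all-lowercase password will pass the plain-handle check and be missed, and an unusual but legitimate username may be flagged. Anything it does flag should be treated as a credential exposure for the user who made the next successful login from the same source, which usually means forcing a password reset and reviewing who has read access to the audit logs.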


PoC Exploit Published for Just-Patched Veeam Data Backup Solution Flaw

Security researchers have published proof-of-concept (PoC) code that provides a roadmap to exploit a recently patched high-severity vulnerability in the Veeam Backup & Replication product. Earlier this month, Veeam released a patch for CVE-2023-27532 (CVSS score of 7.5), a security defect the company warned could be exploited to obtain encrypted credentials that are stored in the configuration database.

On This Date

  • ...in 1874, legendary stage magician and escape artist Erik Weisz, AKA Harry Houdini, is born in Budapest, Hungary.
  • ...in 1882, pioneering German microbiologist Robert Koch announces his discovery of the bacterium responsible for tuberculosis.
  • ...in 1939, fashion designer and costumer Bob Mackie, responsible for dressing entertainment icons since the early 1960s, is born in Monterey Park, CA.
  • ...in 1958, Elvis Presley is drafted into the U.S. Army, joining the 3rd Armored Division in Friedberg, Germany before being honorably discharged in March 1960.