The U.S. State Department is offering a $10 million bounty for information on the Clop ransomware gang, to which broad exploitation of the MOVEit Transfer vulnerabilities has been attributed, with victims that include federal agencies. The Department of Energy confirmed data was impacted by an attack, and reports from CNN indicate that a possible attack against the Office of Personnel Management is being investigated. The U.S. Department of Agriculture is also dealing with a third-party vendor data breach.
The ransomware operation behind a cyberattack on the University of Manchester has begun to email students, warning that their data will soon be leaked after an extortion demand was not paid. In an email sent to students and shared with BleepingComputer, the threat actors claim to have stolen 7 TB of data from the University of Manchester during a June 6th cyberattack.
The ramifications of a Reddit breach which occurred back in February are now being felt, with the attackers threatening to leak the stolen data. The February attack, billed as a "sophisticated phishing campaign" by Reddit, involved an attempt to swipe credentials and two-factor authentication tokens. One employee was tricked into handing over details, and then reported what had happened to Reddit. Its security team locked things down and began investigating.
The Chinese state-sponsored hacking group tracked as APT15 has been observed using a novel backdoor named 'Graphican' in a new campaign between late 2022 and early 2023. APT15, also known as Nickel, Flea, Ke3Chang, and Vixen Panda, are Chinese state hackers who have been targeting important public and private organizations worldwide since at least 2004. Today, the Threat Hunter Team at Symantec, part of Broadcom, reports that APT15's latest campaign targets foreign affairs ministries in Central and South America.
Researchers at security startup Descope have discovered a major misconfiguration in Microsoft Azure AD OAuth applications and warned that any business using 'Log in with Microsoft' could be exposed to full account takeover exploits. The security defect, nicknamed nOAuth, is described as an authentication implementation flaw that can affect Microsoft Azure AD multi-tenant OAuth applications.
Like all major applications, Google's Chrome suffers from vulnerabilities. During 2022, SecurityWeek reported on 456 vulnerabilities (averaging 38 per month), including nine zero-days. The high number of flaws needing to be patched poses a simple question: is Chrome safe to use? The list is so long it almost becomes boringly repetitive - but it will undoubtedly continue growing through the rest of the year and beyond. The questions raised, however, are not boring.
A security vulnerability in the Schneider Electric ION and PowerLogic power meters has been disclosed: the meters transmit a user ID and password in plaintext with every message. Rated 8.8 out of 10 on the CVSS vulnerability-severity scale, the bug would allow an attacker with passive interception capabilities to obtain these credentials, authenticate to the ION/TCP engineering interface (as well as SSH and HTTP interfaces), and change configuration settings or potentially modify firmware.