There is an update to the reports of a Cleo file transfer vulnerability being exploited by hackers. Bleeping Computer reports that the same actors who were responsible for the massive MoveIT breach have also claimed responsibility for the Cleo breach: The Clop ransomware gang has confirmed to BleepingComputer that they are behind the recent Cleo […]
Here we go again: threat actors are taking advantage of vulnerabilities in file transfer products. This time it is Cleo file transfer products. The Record reports: Cybersecurity researchers are warning that vulnerabilities in several file transfer products are being exploited by hackers, even after a patch was released by the developer. The vulnerability — CVE-2024-50623 — was […]
The U.S. Treasury Department has sanctioned Chinese cybersecurity company Sichuan Silence and one of its employees for their involvement in a series of Ragnarok ransomware attacks targeting U.S. critical infrastructure companies and many other victims worldwide in April 2020. BleepingComputer reports: According to the Department’s Office of Foreign Assets Control (OFAC), Sichuan Silence is a […]
New York State Attorney General Letitia James announced another data security enforcement settlement yesterday. HIPAA Journal writes: A New York healthcare provider that experienced a breach of the personal and protected health information of 242,641 New Yorkers has been ordered to pay a financial penalty of $550,000 and take steps to strengthen its data security […]
Security Affairs reports that the ransomware group known as “8Base” claims to have attacked Croatia’s Port of Rijeka and to have stolen data. The CEO of the port, Duško Grabovac, told news outlet Novi list that despite threats actors stole some data, the incident had no impact on the operations at the post and that they will […]
SC Media reports that Chemonics International, a major contractor for the U.S. Agency for International Development (USAID) has provided notice of a months-long breach that began in May 2023. The unauthorized intrusion and data access reportedly affected 263,136 people. The intrusion was first detected on December 15, 2023, but the intrusion was not successfully terminated […]
GBHackers reports that threat actors known as Brain Cipher have claimed to have breached Deloitte UK and exfiltrated over 1 terabyte of sensitive data. According to statements released by Brain Cipher, they have exploited critical weaknesses within Deloitte UK’s cybersecurity infrastructure. The group has promised to unveil detailed information regarding the breach Read more at […]
On November 28, Reuters reported: A senior official at Uganda’s finance ministry confirmed that accounts in the country’s central bank had been hacked but he downplayed the extent of the losses. The Bank of Uganda had said late on Thursday it was awaiting a police investigation into a news report that offshore hackers stole 62 […]
More late woes from the massive 2023 MoveIT databreach. The Register reports that more companies are now seeing their data leaked online on a popular hacking forum: Hundreds of thousands of employees from major corporations including Xerox, Nokia, Koch, Bank of America, Morgan Stanley and others appear to be the latest victims in a massive […]
If you’re old enough to remember when neighbors “borrowed” your wi-fi or cable connection so they didn’t have to pay for services, then you may appreciate the “nearest neighbor” attack as part of cyberwar. Kyiv Post reports: Russian military spies have employed an innovative technique using neighboring Wi-Fi systems to breach secure networks in an […]
