The Week in Ransomware – July 28th 2023 – New extortion tactics
With ransom payments declining, ransomware gangs are evolving their extortion tactics to utilize new methods to pressure victims. This was...
News
CISA: New Submarine malware found on hacked Barracuda ESG appliances
CISA says new malware known as Submarine was used to backdoor Barracuda ESG (Email Security Gateway) appliances on federal agencies'...
Twitter’s rebranding to ‘X’ triggers Microsoft Edge security alert
Microsoft Edge web browser has been displaying security warnings after Twitter changed its name to 'X'. Amid its rapid rebranding...
MOVEit Campaign Claims Millions More Victims
Another 8–11 million individuals are believed to have had their personal information compromised by the Clop ransomware gang after a...
Microsoft Accused of Negligence in Recent Email Compromise
A US Senator has demanded that the Whitehouse holds Microsoft to account for a Chinese cyber campaign that compromised US...
North Korean Hackers Bag Another $100m in Crypto Heists
North Korea’s infamous Lazarus hacking group has been linked to two new attacks on cryptocurrency firms which led to the...
Australia and US Issue Warning About Web App Threats
The Australian and US governments have issued a joint advisory about the growing cyber-threats to web applications and application programming...
SSNDOB Marketplace Admin Pleads Guilty
A Ukrainian man has pleaded guilty to charges connected with his role as an administrator of notorious cybercrime marketplace SSNDOB.Vitalii...
New Study Reveals Forged Certificate Attack Risks
New research has highlighted the severe risks posed by forged certificate attacks, which can lead to unauthorized access to important...
40% of Ubuntu Cloud Workloads Vulnerable to Exploits
Two high-priority vulnerabilities have been discovered in the OverlayFS module of Ubuntu Linux, impacting approximately 40% of Ubuntu cloud workloads. According...
Security Serious Unsung Heroes Awards 2023 Open for Nominations
Nominations are open for the eighth annual Security Serious Unsung Heroes Awards to be held in London and run by Eskenzi PR.The...
UK MoD Error Sends Emails to Russia’s Ally Instead of US
The UK’s Ministry of Defence (MoD) is launching an investigation after a typing error reportedly led to classified emails being...
US-CERT Vulnerability Summary for the Week of July 17, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infooliva_expertise -- oliva_expertise_eks Improper Neutralization of Special Elements used in an SQL...
Mysterious Decoy Dog malware toolkit still lurks in DNS shadows
Image: Bing Create New details have emerged about Decoy Dog, a largely undetected sophisticated toolkit likely used for at least...
NATO investigates alleged data theft by SiegedSec hackers
NATO has confirmed that its IT team is investigating claims about an alleged data-theft hack on the Communities of Interest...
New Nitrogen malware pushed via Google Ads for ransomware attacks
A new 'Nitrogen' initial access malware campaign uses Google and Bing search ads to promote fake software sites that infect...
ALPHV ransomware adds data leak API in new extortion strategy
Image: Bing Create The ALPHV ransomware gang, also referred to as BlackCat, is trying to put more pressure on their...
Almost 40% of Ubuntu users vulnerable to new privilege elevation flaws
Two Linux vulnerabilities introduced recently into the Ubuntu kernel create the potential for unprivileged local users to gain elevated privileges...
8 million people hit by data breach at US govt contractor Maximus
U.S. government services contractor Maximus has disclosed a data breach warning that hackers stole the personal data of 8 to...
Swiss visa appointments cancelled in UK due to ‘IT incident’
All appointments for Swiss (Schengen) tourist and transit visas have been cancelled across the UK. TLScontact, the Swiss government's chosen IT...
SEC now requires companies to disclose cyberattacks in 4 days
The U.S. Securities and Exchange Commission has adopted new rules requiring publicly traded companies to disclose cyberattacks within four business...
Lazarus hackers linked to $60 million Alphapo cryptocurrency heist
Blockchain analysts blame the North Korean Lazarus hacking group for a recent attack on payment processing platform Alphapo where the...
CoinsPaid blames Lazarus hackers for theft of $37,300,000 in crypto
Estonian crypto-payments service provider CoinsPaid has announced that it experienced a cyber attack on July 22nd, 2023, that resulted in...
SSNDOB cybercrime market admin faces 15 years after pleading guilty
A Ukrainian man, Vitalii Chychasov, has pleaded guilty in the United States to conspiracy to commit access device fraud and...
