Threat actors who recently attacked a dozen Norwegian ministries by exploiting a zero-day vulnerability in Ivanti's endpoint management software appeared to have another zero-day flaw that tied to the overall attack exploit chain, Ivanti confirmed on Friday.
Government-backed North Korean hackers are posting convincing U.S. military job recruitment documents to lure Korean-speaking victims into downloading malware staged from legitimate but compromised South Korean websites, according to security researchers.
The highly active, North Korea-linked Lazarus Group is targeting unpatched Microsoft Internet Information Services servers to escalate privileges and distribute malware. Researchers spotted the group using watering hole techniques to fool victims in South Korea.
In the latest weekly update, ISMG editors discuss the surging number of MOVEit breach victims and the state of ransomware innovation, why the federal government warned healthcare firms about the use of web trackers, and how the DOJ is expanding its "whole of government" approach to fight ransomware.
Practicing incident response procedures is as important as practicing fire drills, said CISO Nick Prescot of Norgine. But beyond regularly testing the plan, security leaders must foster a collaborative environment so their teams maintain a sense of calm in the heat of an incident.
The fallout from Clop group's data-grabbing attacks against MOVEit managed file transfer software users keeps mounting. In recent days, the extortionists have added 70 more organizations to their data leak site, taking the tally of known victims to over 515 organizations and 36 million individuals.
Ukrainian cyber defenders said a financially motivated threat actor is intensifying efforts to entice users into installing a backdoor Trojan known as SmokeLoader. The SSSCIP said the malware had the second-highest number of detections domestically during the months of May and June.
Dutch police arrested a suspected super user of Genesis Market, characterizing him as likely one of the busted criminal bazaar's top 10 most active buyers of stolen digital credentials and access to infected computers. The Dutch citizen will remain in custody and faces a growing list of charges.
More details about victims of the Clop crime group's zero-day attacks on users of the widely used MOVEit file transfer software continue to come to light. Researchers now report that at least 455 organizations were hit directly or indirectly, exposing data for at least 23 million individuals.
Now that the long-awaited FedNow faster-payment program is operating, experts debate whether U.S. financial institutions will embrace the payment ecosystem and whether the Federal Reserve and the banking industry can overcome implementation challenges and mitigate cybersecurity and fraud issues.
Unknown hackers attacked a dozen Norwegian government ministries through a zero day vulnerability present in a shared digital platform, the Oslo government disclosed Monday. The prime minister's office and the ministries of defense, justice and foreign affairs were unaffected.
The Russian-language Clop crime group's mass exploitation of MOVEit file-transfer software demonstrates how criminals continue to seek fresh ways to maximize their illicit profits with minimal effort. Ransomware response firm Coveware says Clop may clear over $75 million from this campaign.
A U.S. couple is set to file a plea deal for their role in laundering $4.5 billion in cryptocurrency from the Bitfinex virtual currency exchange in 2016. Federal prosecutors say they moved crypto to hide their tracks, withdrew it from ATMs and used gift cards to spend the money.
A Florida hospital is notifying 1.2 million patients that their information was stolen by hackers in a cybersecurity incident that spanned for nearly three weeks in May as attackers tried to encrypt the entity's systems with ransomware. The hospital repelled the attack but couldn't stop the breach.
The count of organizations affected by the Clop ransomware group's attack on MOVEit file-transfer software users continues to grow, now numbering over 400 organizations that were directly or indirectly impacted. More than 20 million individuals' personal details were stolen in the attacks.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.