Progress Software WS_FTP Critical Vulnerabilities Executive Summary Progress Software, the maker of the MOVEit file transfer software which was widely exploited by the CL0P ransomware-as-a-service (Raas) group, has released a new advisory regarding multiple vulnerabilities in the WS_FTP Server, a file transfer product. Two of the vulnerabilities were rated as critical and are being tracked…
Category: Commentaries and Analyses
FBI: Dual ransomware attack victims now get hit within 48 hours
Sergiu Gatlan reports: The FBI has warned about a new trend in ransomware attacks where multiple strains are deployed on victims’ networks to encrypt systems in under two days. FBI’s warning comes in the form of a Private Industry Notification prompted by trends observed starting July 2023. The federal law enforcement agency explains that ransomware affiliates…
Healthcare Organizations Experience 279% Increase in Business Email Compromise in 2023
Mike Britton writes about data collected by Abnormal Security: According to Abnormal data, the healthcare industry is experiencing a 167% increase in advanced email attacks in 2023, which includes BEC, credential phishing, malware, and extortion. While the year isn’t over yet, this signals the need for more sophisticated security to protect patients, employees, and the organizations…
‘Snatch’ Ransom Group Exposes Visitor IP Addresses
Brian Krebs reports: The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into…
The kids aren’t alright: How DOJ is reckoning with malicious teenage hackers
The Washington Post reports: Teenage hackers like those who may have been behind recent cyberattacks on casinos are being “radicalized” online in a way similar to people who once turned to terrorism and they benefit from a digital economy that enables them to get into the field quickly and easily, a top Justice Department official…
Data breaches put domestic abuse victims’ lives at risk, UK Information Commissioner warns
From the U.K. Information Commissioner’s Office: Warning comes after the ICO reprimands seven organisations in the past 14 months for data breaches affecting victims of domestic abuse. Most cases related to organisations inappropriately disclosing the victim’s home address to alleged perpetrators. Commissioner urges organisations to take responsibility for training their staff and putting appropriate systems…