Today’s part of the interview with the hacker known as “Umbreon” is brought to you by the letter “R.” In this case,”R” is for Restitution, Remorse and Regrets, and Reparations. As with previous segments, this was conducted by telephone over days and weeks. The transcript has been edited for length and clarity. For those joining…
Category: Commentaries and Analyses
HC3: Sector Alert Progress Software WS_FTP Critical Vulnerabilities
Progress Software WS_FTP Critical Vulnerabilities Executive Summary Progress Software, the maker of the MOVEit file transfer software which was widely exploited by the CL0P ransomware-as-a-service (Raas) group, has released a new advisory regarding multiple vulnerabilities in the WS_FTP Server, a file transfer product. Two of the vulnerabilities were rated as critical and are being tracked…
FBI: Dual ransomware attack victims now get hit within 48 hours
Sergiu Gatlan reports: The FBI has warned about a new trend in ransomware attacks where multiple strains are deployed on victims’ networks to encrypt systems in under two days. FBI’s warning comes in the form of a Private Industry Notification prompted by trends observed starting July 2023. The federal law enforcement agency explains that ransomware affiliates…
Healthcare Organizations Experience 279% Increase in Business Email Compromise in 2023
Mike Britton writes about data collected by Abnormal Security: According to Abnormal data, the healthcare industry is experiencing a 167% increase in advanced email attacks in 2023, which includes BEC, credential phishing, malware, and extortion. While the year isn’t over yet, this signals the need for more sophisticated security to protect patients, employees, and the organizations…
‘Snatch’ Ransom Group Exposes Visitor IP Addresses
Brian Krebs reports: The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into…
The kids aren’t alright: How DOJ is reckoning with malicious teenage hackers
The Washington Post reports: Teenage hackers like those who may have been behind recent cyberattacks on casinos are being “radicalized” online in a way similar to people who once turned to terrorism and they benefit from a digital economy that enables them to get into the field quickly and easily, a top Justice Department official…