Graham Cluley writes: About two weeks ago alarm bells rang over a newly-discovered (and unpatched) flaw in Citrix servers. The vulnerability, technically dubbed CVE-2019-19781 but also known as “Shitrix”, was found to be present on Citrix Application Delivery Controller and Citrix Gateway servers (formerly known as Netscaler ADC and Netscaler Gateway respectively) commonly used on corporate networks. Then we…
Category: Malware
If states would only require — and then engage in — more transparency on breaches
Years ago, I had hoped more states would require breach notifications to central offices and that states would then share those reports with the public, much as New Hampshire had done. But things haven’t really become more transparent. Maryland and California remain positive examples of transparency, but New Hampshire’s site, while still available, has lost…
BitPyLock Ransomware Now Joins the Ranks of Those Threatening to Publish Stolen Data
As I anticipated, it is only getting worse. Now Lawrence Abrams reports: A new ransomware called BitPyLock has quickly gone from targeting individual workstations to trying to compromise networks and stealing files before encrypting devices. BitPyLock was first discovered by MalwareHunterTeam on January 9th, 2020 and has since seen a trickle of new victims daily. What is…
CT: Watertown computer system almost repaired after Nov. 1 ransomware attack
Hanna Snyder Gambini reports: The school district’s computer system is almost back up to full speed, Superintendent Rydell Harrison reported, with technicians installing new preventative software as they repair the effects of a ransomware attack. Teachers have their computers back, and “we’re very close to being back to normal,” Harrison said. “For what needs to happens…
Saudi Arabia denies hacking Jeff Bezos’ phone
Jill Petzinger reports that Saudi Arabia has denied a blockbuster claim reported by The Guardian yesterday: The Saudi Arabian embassy in the United States has denied that the kingdom breached the mobile phone of Amazon (AMZN) owner Jeff Bezos, saying that the reports are “absurd” and calling for an investigation. According to an investigation by the…
Maze Team continues its campaign of naming, shaming, and dumping victims’ data while other attackers adopt the same model
In May, 2019, Lawrence Abrams of Bleeping Computer reported on threat actors using Maze ransomware, a then-new variant of ChaCha ransomware. As reported by Abrams, Jérôme Segura had found that the ransomware was being dropped by the Fallout exploit kit. In October, researchers also noted that it was being dropped using the Spelevo exploit kit. Since…