Progress Software WS_FTP Critical Vulnerabilities Executive Summary Progress Software, the maker of the MOVEit file transfer software which was widely exploited by the CL0P ransomware-as-a-service (Raas) group, has released a new advisory regarding multiple vulnerabilities in the WS_FTP Server, a file transfer product. Two of the vulnerabilities were rated as critical and are being tracked…
Category: Of Note
FBI: Dual ransomware attack victims now get hit within 48 hours
Sergiu Gatlan reports: The FBI has warned about a new trend in ransomware attacks where multiple strains are deployed on victims’ networks to encrypt systems in under two days. FBI’s warning comes in the form of a Private Industry Notification prompted by trends observed starting July 2023. The federal law enforcement agency explains that ransomware affiliates…
Building automation giant Johnson Controls hit by ransomware attack
Lawrence Abrams reports: Johnson Controls International has suffered what is described as a massive ransomware attack that encrypted many of the company devices, including VMware ESXi s […] Yesterday, a source told BleepingComputer that Johnson Controls suffered a ransomware attack after initially being breached at its Asia offices. BleepingComputer has since learned that the company…
Chinese hackers stole 60,000 emails from US State Department in Microsoft hack, Senate staffer says
Raphael Satter reports: Chinese hackers who subverted Microsoft’s email platform earlier this year managed to steal tens of thousands of emails from U.S. State Department accounts, a Senate staffer told Reuters on Wednesday. The staffer, who attended a briefing of State Department IT officials earlier Wednesday, said the officials told lawmakers that 60,000 emails were…
‘Snatch’ Ransom Group Exposes Visitor IP Addresses
Brian Krebs reports: The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into…
The kids aren’t alright: How DOJ is reckoning with malicious teenage hackers
The Washington Post reports: Teenage hackers like those who may have been behind recent cyberattacks on casinos are being “radicalized” online in a way similar to people who once turned to terrorism and they benefit from a digital economy that enables them to get into the field quickly and easily, a top Justice Department official…