Past coverage on DataBreaches about Sebastien Raoult can be found linked from “Raoult.” Since he was first detained in 2022, both he and everyone involved in ShinyHunters have denied that he was ever part of that group, yet DOJ seems to have gotten him to plea to a conspiracy count involving ShinyHunters. From the plea…
Category: Of Note
HC3: Sector Alert Progress Software WS_FTP Critical Vulnerabilities
Progress Software WS_FTP Critical Vulnerabilities Executive Summary Progress Software, the maker of the MOVEit file transfer software which was widely exploited by the CL0P ransomware-as-a-service (Raas) group, has released a new advisory regarding multiple vulnerabilities in the WS_FTP Server, a file transfer product. Two of the vulnerabilities were rated as critical and are being tracked…
FBI: Dual ransomware attack victims now get hit within 48 hours
Sergiu Gatlan reports: The FBI has warned about a new trend in ransomware attacks where multiple strains are deployed on victims’ networks to encrypt systems in under two days. FBI’s warning comes in the form of a Private Industry Notification prompted by trends observed starting July 2023. The federal law enforcement agency explains that ransomware affiliates…
Building automation giant Johnson Controls hit by ransomware attack
Lawrence Abrams reports: Johnson Controls International has suffered what is described as a massive ransomware attack that encrypted many of the company devices, including VMware ESXi s […] Yesterday, a source told BleepingComputer that Johnson Controls suffered a ransomware attack after initially being breached at its Asia offices. BleepingComputer has since learned that the company…
Chinese hackers stole 60,000 emails from US State Department in Microsoft hack, Senate staffer says
Raphael Satter reports: Chinese hackers who subverted Microsoft’s email platform earlier this year managed to steal tens of thousands of emails from U.S. State Department accounts, a Senate staffer told Reuters on Wednesday. The staffer, who attended a briefing of State Department IT officials earlier Wednesday, said the officials told lawmakers that 60,000 emails were…
‘Snatch’ Ransom Group Exposes Visitor IP Addresses
Brian Krebs reports: The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into…