Helga Labus reports: A critical zero-day vulnerability (CVE-2023-47246) in the SysAid IT support and management software solution is being exploited by Lace Tempest, a ransomware affiliate known for deploying Cl0p ransomware. […] The (limited) attacks were first spotted by the Microsoft Threat Intelligence team, and they notified Israeli software maker SysAid about them on November…
Category: Other
OFAC Sanctions Russian National Ekaterina Zhdanova for Using Cryptocurrency to Launder Money on Behalf of Russian Elites and Ransomware Groups
The Chainanalysis Team writes: On November 3, 2023, the United States Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Russian national Ekaterina Zhdanova for using cryptocurrency to launder money on behalf of Russian elites, ransomware groups, and other bad actors. Below, we’ll explore the three Bitcoin addresses included in OFAC’s designation that she used…
United States Recovers $2.4 Million Obtained In Business Email Compromise
October 31, 2023 Orlando, Florida – United States Attorney Roger B. Handberg announces that the United States has civilly forfeited $2,462,000 in proceeds obtained from a wire fraud scheme that involved the takeover of a business email account. The forfeited funds are being returned to the fraud victim. According to court documents, the victim, Company…
Hacker leaks millions of new 23andMe genetic data profiles
Lawrence Abrams reports: A hacker has leaked an additional 4.1 million stolen 23andMe genetic data profiles for people in Great Britain and Germany on a hacking forum. Earlier this month, a threat actor leaked the stolen data of 1 million Ashkenazi Jews who used 23andMe services to find their ancestry info and genetic predispositions. 23andMe told BleepingComputer…
The largest cyberattack of its kind recently happened. Here’s how.
Tim Starks writes: A trio of internet giants revealed on Tuesday that they had fought off an “unprecedented” distributed denial-of-service (DDoS) attack — used to disrupt the availability of systems like websites and services — that registered as the biggest on record, by far. Cloudflare, Google and Amazon Web Services (AWS) said the attack relied…
23andMe Cyberbreach Exposes DNA Data, Potential Family Ties
DarkReading reports: 23andMe, the popular DNA testing company, has launched an investigation after client information was listed for sale on a cybercrime forum this week. On Oct. 1, a post was published on the forum with a link to a sample of allegedly “20 million pieces of data” from the genetic testing company, claiming that it…