Central Group is a multinational conglomerate in Thailand that describes itself as one of the largest private commercial conglomerates in Thailand with more than 50 subsidiaries and six key business lines. In October 2021, DataBreaches reported an attack on the Central Restaurant Group by threat actors called DESORDEN. When negotiations failed, DESORDEN revealed details about…
Attackers Targeting VPNs Account for 28.7 Percent of Ransomware Incidents in Q3 According to Corvus Insurance Cyber Threat Report
A press release from Corvus Insurance has some statistics worth mulling over: Corvus Insurance, a wholly owned subsidiary of The Travelers Companies, Inc., today released its Q3 2024 Cyber Threat Report, The Ransomware Ecosystem is Increasingly Distributed, which showed that attackers leveraging virtual private network (VPN) vulnerabilities and weak passwords for initial access contributed to nearly 30% of…
Apple says Mac users targeted in zero-day cyberattacks
Zack Whittaker reports: Apple released security updates on Tuesday that it says are “recommended for all users,” after fixing a pair of security bugs used in active cyberattacks targeting Mac users. In a security advisory on its website, Apple said it was aware of two vulnerabilities that “may have been actively exploited on Intel-based Mac systems.” The…
Fintech Giant Finastra Investigating Data Breach
Brian Krebs reports: The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. Finastra, which provides software and services to 45 of the world’s top 50 banks, notified customers of the security incident after a cybercriminal began selling more than 400 gigabytes of data purportedly…
Hibernation is Over? Akira Ransomware: Published Over 30 New Victims on their DLS (updated)
Adi Bleih reports: The Akira ransomware group has been active since March 2023, targeting diverse industries across North America, the UK, and Australia. Operating as a Ransomware-as-a-Service (RaaS) model, Akira employs a double-extortion strategy by stealing sensitive data before encrypting it. According to their leak site, the group claims to have compromised over 350 organizations….
Phobos Ransomware Administrator Extradited from South Korea to Face Cybercrime Charges
Russian National Alleged to Have Coordinated Sale, Distribution, and Operation of Phobos Ransomware as Part of International Hacking and Extortion Conspiracy The Justice Department unsealed criminal charges today against Evgenii Ptitsyn, 42, a Russian national, for allegedly administering the sale, distribution, and operation of Phobos ransomware. Ptitsyn made his initial appearance in the U.S. District Court for…