Connor Jones reports: Security experts have uncovered a hole in Cl0p’s data exfiltration tool that could potentially leave the cybercrime group vulnerable to attack. The vulnerability in the Python-based software, which was used in the 2023-2024 MOVEit mass data raids, was discovered by Italian researcher Lorenzo N and published by the Computer Incident Response Center Luxembourg (CIRCL)….
Tag: moveit.
Conversation with a “Nam3L3ss” Watchdog: Preface
This is a multi-part interview with the individual known as “Nam3L3ss,” who leaked more than 100 databases on a popular hacking forum and will soon be leaking many more. In Part 1, he answers some questions about his background and what motivated him to do what he does. In Part 2, we talk a bit…
Amazon confirms employee data breach after vendor hack
Sergiu Gatlan reports: Amazon confirmed a data breach involving employee information after data allegedly stolen during the May 2023 MOVEit attacks was leaked on a hacking forum. The threat actor behind this data leak, known as Nam3L3ss, published over 2.8 million lines of Amazon employee data, including names, contact information, building locations, email addresses, and more….
One year on, University System of Georgia admits MOVEit attack hit data of 800k people
Connor Jones reports: Just short of a year after the initial incident, the state of Georgia’s higher education government agency has confirmed that it was the victim of an attack on its systems affecting the data of 800,000 people. University System of Georgia (USG), which oversees 26 higher education institutions in the state, filed a disclosure with…