Recent Security News

  • A Sanction Has Been Imposed on a Hacker Who Released Australian Health Insurer Client Data

    January 23, 2024 at 06:54AM Australian government sanctions Russian national Aleksandr Ermakov for his role in a cyber attack compromising 10M Australians’ personal info. Sanctions imposed after linking Ermakov to the Medibank health insurer data breach. Sanctions aim to expose and debilitate cyber criminals targeting Australia. Providing assets to Ermakov becomes a criminal offence punishable by up to 10…


  • BreachForums Founder Sentenced to 20 Years of Supervised Release, No Jail Time

    January 23, 2024 at 06:06AM Conor Brian Fitzpatrick, creator of cyber crime marketplace BreachForums, has been sentenced to time served with 20 years of supervised release. Arrested in 2023 for various charges, including child pornography possession, Fitzpatrick operated a platform trafficking stolen data affecting millions. Due to mental health concerns, he will undergo treatment and…


  • ~40,000 Attacks in 3 Days: Critical Confluence RCE Under Active Exploitation

    January 23, 2024 at 05:06AM Malicious actors are actively exploiting a critical security flaw in Atlassian Confluence Data Center and Server (CVE-2023-22527), allowing remote code execution on susceptible installations. Over 40,000 exploitation attempts and testing callback efforts have been recorded, with most originating from Russia. More than 11,000 Atlassian instances are accessible online, but the…


  • Kasseika Ransomware Deploys BYOVD Attacks, Abuses PsExec and Exploits Martini Driver 

    January 23, 2024 at 03:14AM The Kasseika ransomware group has been observed deploying BYOVD attacks, utilizing PsExec and exploiting the Martini driver. It is suggested that the group may have acquired access to the source code of BlackMatter ransomware. The attack chain involves targeted phishing for initial access followed by remote administration tools and defense evasion…


  • Godzilla Web Shell Attacks Stomp on Critical Apache ActiveMQ Flaw

    January 22, 2024 at 06:09PM A new wave of cyberattacks is targeting a critical remote code-execution vulnerability in Apache ActiveMQ, using the Godzilla Web shell to gain control. The vulnerability, CVE-2023-46604, affects multiple versions of ActiveMQ and allows for malicious port scanning, code injection, and other activities. Over 3,400 vulnerable servers have been identified, leading…
