Recent Security News
-
US Offers $10 Million for Information on BlackCat Ransomware Leaders
February 16, 2024 at 05:33AM The US announced a $10 million reward for info on the Alphv/BlackCat ransomware operation’s key members, following their takedown. The group had over 1,000 victims, and the FBI released a decryption tool for them. The reward aims to identify leaders or affiliates, with a tip line set up using the…
-
Ukrainian Pleads Guilty in US to Key Role in Zeus, IcedID Malware Operations
February 16, 2024 at 05:33AM Ukrainian national Vyacheslav Igorevich Penchukov, also known as ‘Tank’, pleaded guilty to RICO and wire fraud charges related to cybercrime operations involving Zeus and IcedID malware. The operations caused substantial financial losses. Penchukov, arrested in Switzerland and extradited to the US, awaits sentencing on May 9 and could face up…
-
U.S. State Government Network Breached via Former Employee’s Account
February 16, 2024 at 03:03AM The US CISA reported a state government network compromise due to a former employee’s admin account. The threat actor gained access via a virtual private network and obtained credentials from a separate breach. The incident highlighted the lack of multi-factor authentication and the need to secure privileged accounts. The attackers…
-
Microsoft Exchange Server Flaw Exploited as a Zero-Day Bug
February 15, 2024 at 04:34PM Microsoft identified a critical vulnerability in Exchange Server disclosed in February as a zero-day threat already being exploited. The flaw (CVE-2024-21410) permits attackers to disclose and relay Windows NT Lan Manager hashes, impersonating legitimate users. Microsoft revised its advisory, flagging the exploit as a zero-day. A cumulative update (CU14) protects…