November 20, 2023 at 03:50PM Progress Software’s MOVEit file transfer application has been exploited by the Russian ransomware group Clop, impacting 2,620 organizations and over 77 million individuals. Avast, the antivirus company, is among the victims, with 3 million customers’ information reportedly leaked on a hacking forum. Welltok, a patient communication services provider, has also … Read more
November 20, 2023 at 02:17PM A former COO of a cybersecurity company pleaded guilty to hacking two hospitals to benefit his business. He disrupted phone and printer services and stole personal information from over 200 patients. He promoted the hack on Twitter and solicited clients afterward. Prosecutors recommend 57 months of probation due to the … Read more
November 20, 2023 at 12:27PM The Canadian government has reported that two of its contractors, Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & Moving Services, were hacked, resulting in the exposure of sensitive information belonging to government employees. The breach, reportedly attributed to the LockBit ransomware gang, has affected data dating back to … Read more
November 20, 2023 at 12:23PM The former COO of an Atlanta tech company has pleaded guilty to launching online attacks on two hospitals in 2018. Vikas Singla admitted to rendering the phone system of Gwinnett Medical Center inoperable and stealing patient data. He also publicized the attacks on Twitter and cited them in sales pitches. … Read more
November 20, 2023 at 07:45AM Personal information of employees was stolen in a ransomware attack on Yamaha Motor’s subsidiary in the Philippines. The attack occurred on October 25, affecting one server managed by Yamaha Motor Philippines. The company immediately set up a countermeasures team and restored unaffected servers. The INC Ransom gang claimed responsibility for … Read more
November 17, 2023 at 05:44PM Ransomware group ALPHV, also known as “BlackCat,” has filed a complaint with the US Securities and Exchange Commission (SEC), accusing a recent victim of non-compliance with new disclosure regulations. ALPHV attacked digital lending service provider MeridianLink, stole and leaked data, and then reported the breach to the SEC, claiming the … Read more
November 17, 2023 at 11:47AM Yamaha Motor’s motorcycle manufacturing subsidiary in the Philippines was hit by a ransomware attack, resulting in the theft and leak of some employees’ personal information. The breach was detected on October 25, and the company has been investigating with the help of external security experts. The attack was attributed to … Read more
November 17, 2023 at 11:15AM Wisconsin teenager Joseph Garrison has pleaded guilty to his involvement in hacking a fantasy sports and betting website. Garrison launched a credential stuffing attack, gaining access to approximately 60,000 user accounts. Together with others, he stole around $600,000 from 1,600 victim accounts. Garrison faces up to five years in prison … Read more
November 17, 2023 at 11:15AM SecurityWeek’s weekly roundup highlights several cybersecurity stories. The world-renowned law firm Allen & Overy experienced a data breach by the LockBit ransomware group. The largest bank in China, Industrial and Commercial Bank of China, allegedly paid a ransom to the LockBit gang. Europol aided in the takedown of a vishing … Read more
November 17, 2023 at 11:11AM Threat actors exploited a zero-day vulnerability in Zimbra Collaboration email server to steal sensitive data from government systems in multiple countries. The vulnerability, known as CVE-2023-37580, allowed the hackers to perform email forwarding, steal credentials, and lead victims to phishing pages. The attacks took place before Zimbra released an official … Read more