BT Investigating Hack After Ransomware Group Claims Theft of Sensitive Data

December 5, 2024 at 05:55AM BT is investigating a ransomware attack by the Black Basta group, which claims to have stolen 500 GB of sensitive data. The group threatens to leak the data unless a ransom is paid. BT affirmed that only specific elements of its Conferencing platform were affected, and services remain operational.

CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel

December 5, 2024 at 01:18AM The U.S. CISA has added several vulnerabilities to its KEV catalog, including severe issues in Zyxel and I-O DATA products, with active exploitation reported. Federal agencies are urged to remediate by December 25, 2024. Meanwhile, I-O DATA advises users to enhance security until patches are released.

UK disrupts Russian money laundering networks used by ransomware

December 4, 2024 at 03:25PM The UK’s National Crime Agency disrupted two Russian money laundering networks, arresting 84 suspects in “Operation Destabilise.” These networks, linked to ransomware gangs, laundered millions for cybercriminals. The operation unveiled connections among Russian elites, cybercriminals, and UK drug gangs, highlighting significant international collaboration in tackling such financial crimes.

BT unit took servers offline after Black Basta ransomware breach

December 4, 2024 at 01:40PM BT Group has confirmed the shutdown of several servers within its BT Conferencing division due to a ransomware breach by Black Basta. This incident highlights the ongoing cybersecurity challenges faced by multinational companies in protecting their infrastructure.

Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console

December 4, 2024 at 12:45AM Veeam released security updates for a critical vulnerability (CVE-2024-42448) in its Service Provider Console, which allows remote code execution. Another vulnerability (CVE-2024-42449) poses risks of NTLM hash leakage and file deletion. Users must upgrade to version 8.1.0.21999 to mitigate risks as there are no alternative fixes.

Major energy contractor reports ‘limited’ access to IT after ransomware locks files

December 3, 2024 at 03:07PM ENGlobal, an American energy contractor, is facing limited IT system access following a ransomware incident detected on November 25. The company is investigating and mitigating the breach, which involved unauthorized access and encryption of data. ENGlobal serves high-profile clients, including government departments, making it a prime target for cybercriminals.

Venom Spider Spins Web of New Malware for MaaS Platform

December 3, 2024 at 11:24AM The “Venom Spider” malware-as-a-service platform has introduced new capabilities via the RevC2 backdoor and Venom Loader, detected in recent cyberattacks. Researchers report these tools can steal sensitive data and enable remote code execution. Future enhancements to this platform are expected, and defenses against the malware are provided.

Severity of the risk facing the UK is widely underestimated, NCSC annual review warns

December 3, 2024 at 06:49AM The UK’s National Cyber Security Centre reported a significant increase in severe cyber threats, tripling to 12 incidents, with overall cases rising by 16%. Predicted vulnerabilities emphasize the urgency for enhanced cybersecurity measures, particularly against risks from state actors like China and Russia, amid a growing cybercrime ecosystem.

Energy Sector Contractor ENGlobal Targeted in Ransomware Attack

December 3, 2024 at 06:35AM ENGlobal Corporation has reported that its operations were impacted by a ransomware attack discovered on November 25. The company is investigating the incident while restricting IT system access, allowing only essential operations. Recovery efforts are ongoing, but they have not determined the financial impact or confirmed any data theft.

Horns&Hooves Campaign Delivers RATs via Fake Emails and JavaScript Payloads

December 3, 2024 at 12:51AM A new malware campaign named Horns&Hooves targets users and businesses in Russia, infecting over 1,000 victims since March 2023. It delivers NetSupport RAT and BurnsRAT, utilizing deceptive email attachments to install additional malware. The threat is linked to group TA569, known for facilitating ransomware attacks and data theft.