Key Cybercriminals Behind Notorious Ransomware Families Arrested in Ukraine

November 28, 2023 at 06:24AM A law enforcement operation in Ukraine has resulted in the arrest of key individuals involved in multiple ransomware schemes. The suspects targeted over 1,800 victims across 71 countries since 2019, using tactics such as brute-force attacks and phishing emails to gain access to networks. They encrypted over 250 servers belonging …

Ardent Health Hospitals Disrupted After Ransomware Attack

November 27, 2023 at 04:43PM Ardent Health Services experienced a ransomware attack in November, affecting its entire network and 30 hospitals across six states. Patient care was not disrupted, but some emergency cases are being redirected to other hospitals. Ardent has reported the attack, launched an investigation, and suspended user accounts. The restoration of access …

Ransomware-hit British Library: Too open for business, or not open enough?

November 27, 2023 at 04:38AM The British Library, known for its public knowledge and vast collection of items, recently fell victim to a cybersecurity breach. Ransomware bandits stole HR data and disrupted the institution’s infrastructure, causing inconvenience to researchers and delaying their work. The attack on the British Library is just one of many corporate …

Stop social engineering at the IT help desk

November 23, 2023 at 04:12AM MGM Resorts International recently fell victim to a costly ransomware attack. Hackers used social engineering tactics to convince an employee to reveal sensitive user credentials, enabling them to bypass cyber security defenses and launch the attack. Similar incidents have occurred, highlighting the challenge of verifying the identity of requesters for …

Web Shells Gain Sophistication for Stealth, Persistence

November 22, 2023 at 03:06PM Experts say that web shells, which are easy-to-use tools used to issue commands to compromised servers, are becoming more popular among attackers. The use of web shells such as WSO-NG and others by ransomware gangs and in mass exploitation campaigns has been observed. Web shells are difficult to detect and …

Scattered Spider Hops Nimbly From Cloud to On-Prem in Complex Attack

November 22, 2023 at 11:56AM A group known as Scattered Spider, responsible for the MGM cyberattack in September, has conducted another sophisticated ransomware attack. The group exploited a third-party service to gain access to the target organization’s on-premise network. The attack used tactics similar to the MGM attack, including social engineering and manipulation of multi-factor …

185,000 Individuals Impacted by MOVEit Hack at Car Parts Giant AutoZone 

November 22, 2023 at 09:06AM AutoZone, the car parts retailer, has informed nearly 185,000 individuals that their personal information was compromised in the MOVEit hacking campaign. Cybercriminals exploited a vulnerability in the MOVEit Transfer application to steal information, including social security numbers. AutoZone has temporarily disabled the application, patched the vulnerability, and rebuilt the affected …

Kansas Officials Blame 5-Week Disruption of Court System on ‘Sophisticated Foreign Cyberattack’

November 22, 2023 at 07:12AM The Kansas court system experienced a sophisticated cyberattack in which sensitive data was stolen and a ransomware attack was carried out. The attack disrupted access to records for over five weeks, affecting the state’s appellate courts and causing attorneys to resort to paper filings. The stolen data includes district court …

LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

November 22, 2023 at 12:36AM LockBit ransomware affiliates are actively exploiting a critical security flaw in Citrix NetScaler appliances to gain initial access to target environments. The flaw, known as Citrix Bleed, allows threat actors to bypass password requirements and multifactor authentication, enabling session hijacking and unauthorized access to data. The vulnerability, tracked as CVE-2023-4966, …

Citrix Bleed Bug Inflicts Mounting Wounds, CISA Warns

November 21, 2023 at 05:39PM LockBit 3.0 ransomware affiliates are targeting the “Citrix Bleed” security vulnerability, prompting warnings from CISA and Citrix. The bug allows authentication bypass, giving threat actors access to user sessions and credentials. Citrix’s patch is not sufficient to protect against compromise. Organizations are advised to upgrade immediately and assess vulnerability. Thousands …