In Other News: Major Law Firm Hacked, Chinese Bank Pays Ransom, PyPI Security Audit

November 17, 2023 at 11:15AM SecurityWeek’s weekly roundup highlights several cybersecurity stories. The world-renowned law firm Allen & Overy experienced a data breach by the LockBit ransomware group. The largest bank in China, Industrial and Commercial Bank of China, allegedly paid a ransom to the LockBit gang. Europol aided in the takedown of a vishing …

U.S. Cybersecurity Agencies Warn of Scattered Spider’s Gen Z Cybercrime Ecosystem

November 17, 2023 at 02:54AM U.S. cybersecurity and intelligence agencies have issued a joint advisory about a cybercriminal group called Scattered Spider, known for using sophisticated phishing tactics. The group engages in data theft for extortion and has recently used BlackCat/ALPHV ransomware. Scattered Spider relies on social engineering techniques and has connections to the Gen …

FBI pumps ‘significant’ resources into splatting Scattered Spider

November 16, 2023 at 07:19PM The FBI is intensifying efforts to locate members of the Scattered Spider cyber-crime group, responsible for attacking major casinos and conducting network intrusions. The group exfiltrates data and demands payment in exchange for not leaking or selling the information. Several organizations, including MGM Resorts, experienced significant disruptions, resulting in financial …

BlackCat plays with malvertising traps to lure corporate victims

November 16, 2023 at 09:48AM ALPHV/BlackCat ransomware-as-a-service affiliates are resorting to malvertising campaigns to gain initial access to victims’ systems. They are using paid ads for popular business software like Slack and Cisco AnyConnect to trick corporate victims into downloading Nitrogen malware, which can then be used to deploy ransomware. eSentire’s Threat Response Unit has …

Hackers Could Exploit Google Workspace and Cloud Platform for Ransomware Attacks

November 16, 2023 at 07:00AM Novel attack methods targeting Google Workspace and the Google Cloud Platform have been demonstrated, posing risks of ransomware, data exfiltration, and password recovery attacks. Threat actors could exploit vulnerabilities in Google Credential Provider for Windows (GCPW) to gain access to machines and bypass multi-factor authentication protections. These attacks highlight the …

Ransomware gang files SEC complaint over victim’s undisclosed breach

November 15, 2023 at 09:04PM The ALPHV/BlackCat ransomware group has filed a complaint with the U.S. Securities and Exchange Commission (SEC) against software company MeridianLink for not disclosing a cyberattack within the four-day rule. The ransomware group threatened to leak stolen data unless a ransom was paid. MeridianLink confirmed the cyberattack and stated that it …

Clorox CISO flushes self after multi-million-dollar cyberattack

November 15, 2023 at 07:46PM The chief security officer of Clorox, Amy Bogac, has left her position following a corporate network breach that cost the company hundreds of millions of dollars. In separate news, ransomware group AlphV has claimed to have breached digital lending firm MeridianLink and filed a complaint against the company with the …

New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar

November 15, 2023 at 09:45AM A critical security flaw in Apache ActiveMQ, tracked as CVE-2023-46604, allows threat actors to execute arbitrary code in memory. The flaw has been exploited by ransomware groups, deploying ransomware like HelloKitty and a strain similar to TellYouThePass, as well as a remote access trojan called SparkRAT. The attacks rely on …

Illumio Delivers the Most Complete Zero-Trust Segmentation Platform With the Addition of CloudSecure

November 14, 2023 at 11:11PM Illumio has expanded its Zero Trust Segmentation Platform with Illumio CloudSecure, allowing organizations to reduce the impact of cyberattacks and increase cyber resilience in hybrid and multi-cloud environments. The tool provides visibility and control of connections between dynamic applications and workloads, and stops unauthorized movement automatically. Illumio CloudSecure is effective, …

Zip Raises $7.7 Million to Expand SMB Cybersecurity Business

November 14, 2023 at 01:45PM Zip Security, a startup based in New York City and Washington DC, has raised $7.7 million in a financing round led by General Catalyst. The company aims to provide affordable and accessible cybersecurity solutions to small and medium-sized businesses (SMBs). Zip offers a SaaS platform and service that minimizes the …