December 5, 2023 at 04:26PM Tipalti denies a cybersecurity breach despite BlackCat/ALPHV’s claims of having accessed and stolen data. The extortion attempt, citing a research piece on ransom payment, hasn’t swayed Tipalti. Their investigation with third-party experts found no breach evidence, and Roblox, a customer mentioned by the group, hasn’t commented. Meeting Summary: – Tipalti, … Read more
November 30, 2023 at 05:27PM Cyberattackers are increasingly exploiting law firms and corporate legal departments with financial attacks such as ransomware and BEC. Incidents like CTS’s breach, LockBit’s ransom demand to Allen & Overy, and the rise in security breaches highlight the threat. Law firms, often handling sensitive information, are vulnerable due to limited cybersecurity … Read more
November 30, 2023 at 09:42AM Since early 2022, the Black Basta ransomware group has extorted over $100 million from victims. Linked to the defunct Conti group, Black Basta employs double extortion tactics, targeting diverse industries, primarily in the US. Analysis by Elliptic ties them to Conti and shows a significant portion of victims pay ransoms, … Read more
November 21, 2023 at 11:29AM This joint Cybersecurity Advisory (CSA) aims to provide network defenders with information about the LockBit 3.0 ransomware and its exploitation of the CVE-2023-4966 vulnerability affecting Citrix NetScaler web application delivery control (ADC) and NetScaler Gateway appliances. The CSA includes tactics, techniques, and indicators of compromise (IOCs) obtained from various organizations, … Read more
November 17, 2023 at 11:47AM Yamaha Motor’s motorcycle manufacturing subsidiary in the Philippines was hit by a ransomware attack, resulting in the theft and leak of some employees’ personal information. The breach was detected on October 25, and the company has been investigating with the help of external security experts. The attack was attributed to … Read more
November 17, 2023 at 06:33AM Toyota Financial Services Europe & Africa confirmed being targeted in a cyberattack by the ransomware group Medusa. Unauthorized activity was detected in a limited number of locations and systems were taken offline. The group is threatening to distribute stolen data unless an $8 million ransom is paid. The attack may … Read more
November 10, 2023 at 02:16PM The recent ransomware attack on the Industrial and Commercial Bank of China (ICBC) may be linked to a vulnerability in Citrix’s NetScaler technology. The vulnerability, known as “CitrixBleed,” allows attackers to steal sensitive information and hijack user sessions. It has a severity score of 9.4 out of 10 and has … Read more
November 8, 2023 at 11:51AM The FBI warns that ransomware threat actors are targeting casinos by exploiting vulnerabilities in vendor-controlled remote access and using legitimate system management tools. Small and tribal casinos have been targeted, with the Silent Ransom Group and Luna Moth carrying out phishing, data theft, and extortion attacks. The FBI advises implementing … Read more
October 26, 2023 at 06:56PM Octo Tempest, a native English-speaking threat actor tracked by Microsoft, has evolved from selling SIM swaps and stealing cryptocurrency accounts to conducting data extortion and ransomware attacks. The group targets companies in various sectors and has partnered with the ALPHV/BlackCat ransomware group. They employ advanced social engineering techniques, physical threats, … Read more
October 25, 2023 at 08:04AM Around 60% of corporate data is stored in the cloud, with Amazon S3 being a popular choice. However, S3 remains vulnerable to ransomware attacks as leaked access keys can be used to compromise sensitive data. To combat these threats, organizations need visibility into their S3 environment through CloudTrail and Server … Read more