February 25, 2024 at 04:27AM LockBit ransomware’s exposure and response to law enforcement have prompted suspicion and distrust among affiliates. Despite attempts to maintain anonymity, it was revealed that LockBit’s leadership engaged with authorities. Their operations have been disrupted, with 14,000 rogue accounts closed. The group’s multi-year illicit profits exceed $120 million, with a significant … Read more
February 19, 2024 at 12:45AM Belarus and Russia-linked threat actors, identified as Winter Vivern, conducted a cyber espionage campaign exploiting vulnerabilities in Roundcube webmail servers, targeting over 80 organizations in Georgia, Poland, and Ukraine. The campaign aimed to gather intelligence on European political and military activities, demonstrating high sophistication in attack methods. TAG-70 also targeted … Read more
February 6, 2024 at 01:41PM Attackers dubbed “ResumeLooters” used SQL injection and cross-site scripting to target at least 65 job-recruitment and retail websites, stealing databases with over 2 million emails and personal records in a month. They mainly targeted victims in Asia-Pacific, putting stolen data up for sale. Group-IB discovered the attacks, and have advised … Read more
January 8, 2024 at 06:18AM The number of CNA organizations and CVE identifiers increased in 2023. There were 28,902 published CVEs with an average of 80 new CVEs per day, and the average CVSS score was 7.12. The number of new CNAs announced increased to 84, totaling nearly 350 CNAs from 38 countries. The top … Read more
October 25, 2023 at 12:50PM The Winter Vivern cyber spy group has targeted European governments by exploiting an XSS zero-day vulnerability in the Roundcube webmail client. The group, linked to Russia and Belarus, used a convincing phishing email to launch a malicious payload, allowing them to access victims’ Roundcube accounts. Researchers warn that the group’s … Read more
October 11, 2023 at 06:42AM Siemens and Schneider Electric have released their Patch Tuesday advisories for October 2023, addressing over 40 vulnerabilities in their products. Siemens has published a dozen advisories, including vulnerabilities in the Ruggedcom APE1808 platform and Nozomi Networks’ Guardian product. Nozomi has already patched these vulnerabilities. Schneider Electric has released advisories for … Read more
October 10, 2023 at 10:48AM German software maker SAP has released a total of seven new and two updated security notes as part of its October 2023 Security Patch Day. The most severe note updates the Chromium browser in SAP Business Client, fixing 37 vulnerabilities, including two critical ones. One critical flaw, CVE-2023-4863, is already … Read more