Tag: technews

20-year-old Russian affiliate of ransomware LockBit arrested in Arizona The U.S. Department of Justice (DoJ) charges a Russian national for his role in developing and deploying the Lockbit ransomware. Ruslan Magomedovich Astamirov, 20, of Chechen Republic has been accused of perpetrating at least five attacks between August 2020 and March 2023. According to the DoJ,…

Third Flaw Uncovered in MOVEit Transfer App Amidst Ransomware Attacks Progress Software discloses a third vulnerability in its MOVEit Transfer application. The Cl0p cybercrime gang uses the vulnerability to extort money from companies using the service. The company is urging all its customers to disable all HTTP and HTTPS traffic to this service while a…

Hackers and scammers are attempting to use cloud mining to launder cryptocurrency. Ransomware actors and cryptocurrency scammers have joined nation-state actors in using cloud mining services to launder digital assets, new findings reveal. Earlier this March, Google Mandiant disclosed North Korea’s use of the hash rental and cloud mining service to obscure the forensic trail…

Great News! China and the US Are Talking About AI Dangers Altman and China have a lot in common when it comes to artificial intelligence. Both Altman and his company are behind ChatGPT, a chatbot that demonstrates the progress that’s been made in the field over the last few years. And they both see the…

A Chinese group has exploited a zero-day flaw in Barracuda’s email security China-nexus threat actor UNC4841 has been linked to the exploitation of a recently patched zero-day flaw in Barracuda Email Security Gateway (ESG) appliances since October 2022. The malicious email messages contained generic lures with poor grammar and, in some cases, placeholder values.55% of…

Microsoft Azure Bastion and Container Registry Reportedly Suffering From Severe Vulnerabilities Orca, a security firm that works with the cloud computing platform, demonstrates how two vulnerabilities can be exploited to carry out cross-site scripting (XSS) attacks. The company’s research uses a weakness in the postMessage iframe, a type of window element that allows for cross-origin…

Chinese hackers exploit VMware zero-day to backdoor Windows and Linux systems The Chinese state-sponsored group known as UNC3886 has found a way to exploit a flaw in VMware ESXi hosts to backdoor Windows and Linux systems. The VMware Tools authentication bypass vulnerability, tracked as CVE-2023-20867, enabled the execution of privileged commands across Windows, Linux, and…

LockBit ransomware has extorted $91 million from U.S. companies LockBit ransomware-as-a-service companies have rorted more than $91 million from U.S. organizations since the beginning of 2020. The company’s latest ransomware, LockBit Green, is based on code from the now-disbanded Conti gang and uses patented technology such as a beachhead –a self-execute mechanism that allows attackers…

Microsoft Warns of Russian State-Sponsored Hackers with Destructive Intent The actor formerly known as DeV-0586 has been renamed Cadet Blizzard. According to Microsoft, the group has a track record of orchestrating destructive attacks, espionage, and information operations aimed at entities located in Ukraine, Europe, Central Asia, and, periodically, Latin America. Most of the companies they’ve…

New report sheds light on long-running intrusions on Ukrainian organizations by shuckworm The Russian threat actor known as Shuckworm has continued its cyber assault spree against Ukrainian entities in a bid to steal sensitive information from compromised environments, Symantec reports. The company details in a new report shared with The Hacker News. It seems clear…