-
University of Manchester confirms data theft in recent cyberattack
The University of Manchester finally confirmed that attackers behind a cyberattack disclosed in early June had stolen data belonging to alumni and current students.
- June 23, 2023
- 03:21 PM
0
-
Hackers warn University of Manchester students of imminent data leak
The ransomware operation behind a cyberattack on the University of Manchester has begun to email students, warning that their data will soon be leaked after an extortion demand was not paid.
- June 20, 2023
- 04:17 PM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Over 100,000 ChatGPT accounts stolen via info-stealing malware
More than 101,000 ChatGPT user accounts have been compromised by information stealers over the past year, according to dark web marketplace data.
- June 20, 2023
- 04:00 AM
- 0
-
Iowa’s largest school district confirms ransomware attack, data theft
Des Moines Public Schools, Iowa's largest school district, confirmed today that a ransomware attack was behind an incident that forced it to take all networked systems offline on January 9, 2023.
- June 19, 2023
- 04:16 PM
- 0
-
New Mystic Stealer malware increasingly used in attacks
A new information-stealing malware named 'Mystic Stealer,' has been promoted on hacking forums and darknet markets since April 2023, quickly gaining traction in the cybercrime community.
- June 18, 2023
- 11:14 AM
- 0
-
Clop ransomware gang starts extorting MOVEit data-theft victims
The Clop ransomware gang has started extorting companies impacted by the MOVEit data theft attacks by listing them on a data leak site, a common extortion tactic used as a precursor for the public leaking of stolen data.
- June 15, 2023
- 11:39 AM
- 3
-
Exploit released for MOVEit RCE bug used in data theft attacks
Horizon3 security researchers have released proof-of-concept (PoC) exploit code for a remote code execution (RCE) bug in the MOVEit Transfer managed file transfer (MFT) solution abused by the Clop ransomware gang in data theft attacks.
- June 12, 2023
- 11:32 AM
- 0
-
New MOVEit Transfer critical flaws found after security audit, patch now
Progress Software warned customers today of newly found critical SQL injection vulnerabilities in its MOVEit Transfer managed file transfer (MFT) solution that can let attackers steal information from customers' databases.
- June 09, 2023
- 02:49 PM
- 0
-
Clop ransomware likely testing MOVEit zero-day since 2021
The Clop ransomware gang has been looking for ways to exploit a now-patched zero-day in the MOVEit Transfer managed file transfer (MFT) solution since 2021, according to Kroll security experts.
- June 08, 2023
- 06:45 PM
- 0
-
Clop ransomware claims responsibility for MOVEit extortion attacks
The Clop ransomware gang has told BleepingComputer they are behind the MOVEit Transfer data-theft attacks, where a zero-day vulnerability was exploited to breach servers belonging to "hundreds of companies" and steal data.
- June 05, 2023
- 05:27 PM
- 0
-
Microsoft links Clop ransomware gang to MOVEit data-theft attacks
Microsoft has linked the Clop ransomware gang to recent attacks exploiting a zero-day vulnerability in the MOVEit Transfer platform to steal data from organizations.
- June 05, 2023
- 08:54 AM
- 0
-
CISA orders govt agencies to patch MOVEit bug used for data theft
CISA has added an actively exploited security bug in the Progress MOVEit Transfer managed file transfer (MFT) solution to its list of known exploited vulnerabilities, warning U.S. federal agencies to patch their systems by June 23.
- June 04, 2023
- 11:14 AM
- 0
-
New MOVEit Transfer zero-day mass-exploited in data theft attacks
Hackers are actively exploiting a zero-day vulnerability in the MOVEit Transfer file transfer software, tracked as CVE-2023-34362, to steal data from organizations.
- June 01, 2023
- 10:47 AM
- 0
-
Barracuda zero-day abused since 2022 to drop new malware, steal data
Network and email security firm Barracuda today revealed that a recently patched zero-day vulnerability had been exploited for at least seven months to backdoor customers' Email Security Gateway (ESG) appliances with custom malware and steal data.
- May 30, 2023
- 04:25 PM
- 0
-
Food distribution giant Sysco warns of data breach after cyberattack
Sysco, a leading global food distribution company, has confirmed that its network was breached earlier this year by attackers who stole sensitive information, including business, customer, and employee data.
- May 09, 2023
- 03:47 PM
- 0
-
Detecting data theft with Wazuh, the open-source XDR
Threat actors can steal data from organizations to sell to other malicious actors, making it a major risk for organizations. Wazuh, the free and open-source XDR/SIEM, offers several capabilities that protection against data theft.
- May 08, 2023
- 10:05 AM
- 0
-
Play ransomware gang uses custom Shadow Volume Copy data-theft tool
The Play ransomware group has developed two custom tools in .NET, namely Grixba and VSS Copying Tool, which it uses to improve the effectiveness of its cyberattacks.
- April 19, 2023
- 06:00 AM
- 1
-
New Money Message ransomware demands million dollar ransoms
A new ransomware gang named 'Money Message' has appeared, targeting victims worldwide and demanding million-dollar ransoms not to leak data and release a decryptor.
- April 02, 2023
- 01:36 PM
- 0
-
The Week in Ransomware - March 24th 2023 - Clop overload
This week's news has been dominated by the Clop ransomware gang extorting companies whose GoAnywhere services were breached using a zero-day vulnerability.
- March 24, 2023
- 05:32 PM
- 0
-
The Week in Ransomware - March 17th 2023 - Shifting to data extortion
The fallout from the Clop ransomware attacks on GoAnywhere platforms has become apparent this week, with the threat actors starting to extort victims on their data leak site and companies confirming breaches.
- March 17, 2023
- 07:01 PM
- 1
