Security Leftovers
-
CISA Order Highlights Persistent Risk at Network Edge
The U.S. government agency in charge of improving the nation’s cybersecurity posture is ordering all federal agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in widely used security and networking appliances.
-
CISA, NSA Share Guidance on Hardening Baseboard Management Controllers [Ed: They are both proponents of back doors rather than security]
CISA and the NSA have published new guidance to help organizations harden baseboard management controllers (BMCs).
-
Barracuda Zero-Day Attacks Attributed to Chinese Cyberespionage Group
Attacks exploiting the Barracuda zero-day CVE-2023-2868 have been linked to a Chinese cyberespionage group that has targeted government and other organizations.
-
Fake Security Researcher Accounts Pushing Malware Disguised as Zero-Day Exploits
Fake security researcher accounts seen distributing malware disguised as Chrome, Signal, WhatsApp, Discord and Exchange zero-day exploits.
-
US Organizations Paid $91 Million to LockBit Ransomware Gang [Ed: Microsoft Windows TCO]
LockBit ransomware operators launched 1,700 attacks in the US and received roughly $91 million in ransom payments.
-
Russian man arrested for alleged involvement with LockBit ransomware gang [Ed: Microsoft Windows TCO]
A Russian national has been arrested in Arizona on charges alleging that he was involved in multiple LockBit ransomware attacks against victims in the U.S., Asia, Europe and Africa. The LockBit ransomware gang, which first emerged in 2020, operates on a ransomware-as-a-service model where affiliates use already developed ransomware to execute attacks.
-
Energy Department among federal agencies breached by Russian ransomware gang [Ed: Microsoft Windows TCO]
U.S. officials say the Department of Energy is among a small number of federal agencies compromised in a Russian cyber-extortion gang’s global hack of a file-transfer program popular with corporations and governments. They say the impact is not expected to be great. Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, told reporters that the hacking campaign was short, opportunistic and caught quickly. A senior CISA official said neither the U.S. military nor intelligence community was affected. Known victims to date include Louisiana’s Office of Motor Vehicles and Oregon's Department of Transportation.
-
Cl0p gang claimed to have hit many US agencies through MOVEit flaw
The TV outlet said the US Department of Energy was among those hit but a CISA spokesperson did not offer any comments when asked who was responsible and how many agencies had been affected.
-
Clop MOVEit hacking victims now include Department of Energy facilities
The number of victims targeted by the Clop ransomware gang's targeting of a critical vulnerability in Progress Software Corp.’s MOVEit file transfer software continues to grow, with the revelation today that the victims now include several U.S. government agencies.
-
The Top 21 Open-Source Tools for Securing Your Linux Server [Ed: Old, but just updated]
Over the years, I have come across many blogs that claim Linux is impenetrable by security attackers too many times to count. While it is
-
Law firm HWL Ebsworth in a world of pain after Alphv attack
It is more than somewhat ironical that HWL Ebsworth, the Australian law firm that is reeling after a ransomware attack that led to massive data theft, has a slogan on its website saying, "We're not your typical law firm".