Active Threats
Microsoft Links Clop Ransomware Gang to MOVEit Data-Theft Attacks
[ Posted: 2023-06-06 ]
On Sunday night, Microsoft's Threat Intelligence team tweeted that they have linked the recent attacks that exploit a zero-day vulnerability in the MOVEit Transfer platform to the Clop ransomware gang, which is also known as Lace Tempest. This particular gang has gained a reputation for conducting ransomware operations and managing the Clop extortion site. BleepingComputer was the first to report last Thursday that threat actors have been exploiting a previously unknown vulnerability in MOVEit Transfer servers to illicitly obtain data from targeted organizations.
Zyxel Shares Tips on Protecting Firewalls From Ongoing Attacks.
[ Posted: 2023-06-05 ]
Zyxel has published a security advisory containing guidance on protecting firewall and VPN devices from ongoing attacks and detecting signs of exploitation. This warning comes in response to multiple reports of widespread exploitation of the CVE-2023-28771 and the exploitability and severity of CVE-2023-33009 and CVE-2023-33010, all impacting Zyxel VPN and firewall devices.
New Linux Ransomware BlackSuit is Similar to Royal Ransomware
[ Posted: 2023-06-05 ]
Royal ransomware is one of the most notable ransomware families of 2022, it made the headlines in early May 2023 with the attack against the IT systems in Dallas, Texas. The human-operated Royal ransomware first appeared on the threat landscape in September 2022, it has demanded ransoms up to millions of dollars.
Toyota Admits to Yet Another Cloud Leak
[ Posted: 2023-06-05 ]
Toyota, the automobile manufacturer, apologized for leaking customer records online due to a misconfigured cloud environment. This is the second time Toyota has apologized for a cloud leak in recent weeks. The company said the leak was caused by "insufficient dissemination and enforcement of data handling rules." Toyota said there is no evidence that the data has been misused.
Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering
[ Posted: 2023-06-02 ]
The Chinese nation-stage group known as Camaro Dragon has been linked to yet another backdoor that's designed to meet its intelligence-gathering goals. Israeli cybersecurity firm Check Point, which dubbed the Go-based malware TinyNote, said it functions as a first-stage payload capable of ‘basic machine enumeration and command execution via PowerShell or Goroutines.’ What the malware lacks in terms of sophistication, it makes up for it when it comes to establishing redundant methods to retain access to the compromised host by means of multiple persistency tasks and varied methods to communicate with different servers.
Cyber Security Cafe
Cyber Security Cafe is a private public service and offers no goods or services other than posting the current cyber threats we are facing and what we can do to prevent us from being affected and if we are, what we can do to correct the problems and to avoid intrusions in the future.
- Prevention often means not accepting the 'easy' ways.
- Most of Modern Technology exists in order to obtain your personal data.
Current Threats
Current Treats so you the latest and often most dangerous cyber threats. They indicate where they orininated from, and what areas they are targeting. By knowing in advance you can take precautionary actions now, before it's too late.
Cyber Solutions
Are a group of tools and information that is designed to keep you up to date and to give you the tools to protect both your network and equipment. Most of the tools are available 'free of charge' too and are provided by safe governmental agencies.