Barracuda Networks is warning that a zero-day vulnerability that it recently discovered and patched in its Email Security Gateway appliances appears to have been exploited since October 2022. Attackers used the flaw to gain persistent remote access to networks and exfiltrate data, it said.
How many hackers can claim to have caused a national cheese shortage, not least in the Gouda-loving Netherlands? Enter Mikhail Matveev, a Russian national who's been indicted for wielding not one but three strains of ransomware, in what experts say is a needed focus on ransomware affiliates.
Australian consumer lender Latitude Financial Services anticipates its spring cybersecurity incident will cost it up to AU$105 million, which includes a five-week period during which debt collection systems were severely affected by the attack.
An upstate New York medical specialty practice has reported to regulators that the information of nearly 224,500 employees and patients was compromised in a hacking incident discovered in March. Ransomware group RansomHouse claims to have downloaded 2 terabytes of the entity's data.
Britain's privacy watchdog has seen a surge in data breach reports from outsourcing giant Capita's customers tied to two incidents: a March hack attack by a ransomware group against Capita and one of the company's Amazon Web Service buckets being left unsecured for six years.
Security researchers discovered an Iran-linked APT group carrying out a new chain of ransomware attacks against Israeli organizations. Check Point said attackers surprisingly carried out most of the activity manually over RDP but warned they are growing better at coding malware and using tools.
In the days between May 19 and May 25, the spotlight was on flaws in Barracuda Networks Email Security Gateway appliances, another GoAnywhere data breach that affected Franklin Templeton Canada and an American teenager out on bail and facing federal charges for hacking DraftKings accounts.
Hospital chain CommonSpirit has upped its estimate on the financial toll incurred by a ransomware incident last fall that disrupted IT systems and patient services at some of its facilities for weeks. But company officials reportedly expect many of the costs to be covered by the company's insurance.
Breach notifications from British outsourcing giant Capita mount amid signs the multibillion-pound company doesn't have a firm grip on how much data it exposed. For a company that trumpets its ability to "achieve better outcomes," Capita's inability to grasp the impact of its breaches is ironic.
An IT security analyst has confessed to trying to blackmail his employer by altering ransom notes sent from a hacker to a board member and changing the cryptocurrency payment address to one he controlled. After his employer detected the unusual activity, U.K. police traced it back to the worker.
The LockBit ransomware group on Tuesday published 1.5 terabytes of data the group says it stole from Bank Syariah Indonesia after ransom negotiations broke down. The group says the records include information of about 15 million customers and employees of the country's largest Islamic bank.
In this week's data breach roundup: the Philadelphia Inquirer, Swiss multinational ABB, French electronics manufacturer Lacroix, the U.S. Department of Transportation employee data and more. Dallas is still recovering from a ransomware attack and researchers infiltrated a ransomware group.
The BianLian ransomware group is abandoning malicious encryption in favor of pure extortion, warns the U.S. top cybersecurity agency. A major likely factor in BianLian's shift was cybersecurity firm Avast's January release of a free decryptor.
The Royal ransomware group, which spun off from Conti in early 2022, is refining its downloader malware using tactics and techniques that appear to draw directly from other post-Conti groups, as well as working closely with trusted former associates of Conti, REvil and Hive, researchers say.
Security researchers say a new Babuk knockoff ransomware group emerged in April and has already claimed targets in the United States and South Korea. Threat intelligence company Cisco Talos says RA Group is the latest criminal group to take advantage of the June 2021 leak of Babuk source code.