Interpol Hunts for Remaining Clop Ransomware Members

INTERPOL is still on the hunt for two suspected members of the Clop ransomware gang after making multiple arrests in the summer following a 30-month operation, it has revealed. In an update on Operation Cyclone, the law enforcement agency said that the two Red Notices had been circulated to all 194 member countries around the world following […]

McAfee to be taken private by Advent-led group in $14 billion deal

Nov 8 (Reuters) – McAfee Corp (MCFE.O) said on Monday a consortium led by U.S. private equity firm Advent International will take the cyber security company private in a $14 billion deal. The deal comes as a pandemic-driven shift to remote working and a rise in cyber attacks have spurred demand for antivirus and digital […]

This could be a great time to patch your Linux kernel

Patch to address significant security bug has been released. Cybersecurity researchers have helped fix a critical heap-overflow security vulnerability in the Linux kernel that could be exploited either locally or through remote code execution (RCE) to compromise the vulnerable Linux computers. Discovered by SentinelLabs’ researcher Max Van Amerongen, the vulnerability tracked as […]

Chinese APT Group Compromised Healthcare Organizations by Exploiting Zoho Password Management Platform Flaw

An advanced persistent threat (APT) actor has been conducting an espionage campaign that has seen the systems of at least 9 organizations compromised. The campaign targeted organizations in a range of critical sectors, including healthcare, energy, defense, technology, and education. It was identified by security researchers at Palo Alto Networks and while the identity of […]

CERT-France: Lockean ransomware group behind attacks on French companies

French cybersecurity officials today identified, for the first time, a ransomware “affiliate group” that is responsible for a long list of attacks against French companies over the past two years. Identified as Lockean, the group’s activities and modus operandi were detailed today in a comprehensive report published by France’s Computer Emergency Response Team (CERT-FR), a division of […]

US sanctions four companies selling hacking tools, including NSO Group & Candiru

The US government today sanctioned four companies that develop and sell spyware and other hacking tools, the US Department of Commerce announced. The four companies include Israel’s NSO Group and Candiru, Russian security firm Positive Technologies, and Singapore-based Computer Security Initiative Consultancy. US officials said the four companies engaged in “activities that are contrary to the national security […]

CISA creates catalog of known exploited vulnerabilities, orders agencies to patch

The US Cybersecurity and Infrastructure Security Agency today established a public catalog of vulnerabilities known to be exploited in the wild and issued a binding operational directive ordering US federal agencies to patch affected systems within specific timeframes and deadlines. The catalog, available online, currently lists 306 vulnerabilities, with some as old as […]

GitLab servers are being exploited in DDoS attacks in excess of 1 Tbps

Threat actors are exploiting a security flaw in GitLab self-hosted servers to assemble botnets and launch gigantic distributed denial of service (DDoS) attacks, with some in excess of 1 terabit per second (Tbps). The DDoS attacks, disclosed today by Damian Menscher, a Security Reliability Engineer at Google Cloud responsible for Google’s DDoS defenses, are exploiting CVE-2021-22205, […]

Hackers used billing software zero-day to deploy ransomware

An unknown ransomware group is exploiting a critical SQL injection bug found in the BillQuick Web Suite time and billing solution to deploy ransomware on their targets’ networks in ongoing attacks. BQE Software, the company behind BillQuick, claims to have a 400,000-strong user base worldwide. The vulnerability, tracked as CVE-2021-42258, can be triggered extremely easily […]

Report: SolarWinds Hackers Targeting IT Supply Chain

The nation-state actor behind the 2020 cyberattack targeting SolarWinds customers – Nobelium – is continuing its campaign to target the global IT supply chain, according to a new advisory from Microsoft, which says 140 resellers and technology […]