InfoSecBulletin Cybersecurity for mankind
Reportedly, the Russian-speaking Cl0p ransomware group has executed the MOVEit campaign, affecting approximately 1,000 organizations and 60 million individuals.
It is important to highlight that these numbers encompass both entities that are directly and indirectly affected. For example, numerous organizations and millions of individuals had their information compromised through PBI, a research services provider for the pension and financial sectors.
B1ack’s Stash Releases 1 Million Credit Cards on a Deep Web Forum
Cisco Confirms
Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks
AWS Key Hunter
Test this free automated tool to hunt for exposed AWS secrets
Check Point Flaw Used to Deploy ShadowPad and Ransomware
CVE-2024-12284
Citrix Issues Security Update for NetScaler Console
CISA and FBI ALERT
Ghost ransomware to breach organizations in 70 countries
Hacker chains multiple vulns to attack Palo Alto Firewall
150 Gov.t Portal affected
Black-Hat SEO Poisoning Indian “.gov.in, .ac.in” domain
CVE-2018-19410 Exposes 600 PRTG Instances in Bangladesh
Builder claims Rs 150 cr for data loss; AWS faces FIR In Bengaluru
ALSO READ:
Google Workspace: New account security, DLP capabilities announced
Cybersecurity firm Emsisoft reported that as of August 24, they had identified a staggering number of 988 victims, affecting approximately 59,200,000 individuals.
The following organizations, including Maximus, Pôle Emploi, the Louisiana Office of Motor Vehicles, the Colorado Department of Health Care Policy and Financing, the Oregon Department of Transportation, the Teachers Insurance and Annuity Association of US, Genworth, PH Tech, Milliman Solutions, and Wilton Reassurance Company, are among those that may have compromised the personal information of over one million individuals.
Resecurity has confirmed that the number of organizations affected by the MOVEit hack is indeed substantial. On August 23rd, the organization reported its awareness of 963 public and private sector organizations worldwide that have fallen victim to this breach.
Cl0p, the group behind this campaign, is expected to make an astounding $100 million. To make matters worse, they have now escalated their tactics by leaking the data of those who have refused to pay.
According to Resecurity, on August 14 and 15, cybercriminals reportedly leaked approximately 1 Tb of data that they had allegedly stolen from 16 victims. The entities affected by this cyber attack comprise UCLA, Siemens Energy, Cognizant, as well as prominent cybersecurity companies such as Norton LifeLock and Netscout.
The data has been exposed via torrents on the surface web, making it considerably simpler for anyone to acquire the pilfered files. According to both Emsisoft and Resecurity, over 80% of the impacted organizations are based in the United States.
The MOVEit campaign used a security vulnerability in the MOVEit Transfer software. The vulnerability allowed attackers to access transferred files without authentication.
