InfoSecBulletin Cybersecurity for mankind
Reportedly, the Russian-speaking Cl0p ransomware group has executed the MOVEit campaign, affecting approximately 1,000 organizations and 60 million individuals.
It is important to highlight that these numbers encompass both entities that are directly and indirectly affected. For example, numerous organizations and millions of individuals had their information compromised through PBI, a research services provider for the pension and financial sectors.
DESCO faces cyber attack: Customers Data Breach
Alert! Google Fixes GCP Composer Flaw
CTF in Bangladesh: Unveiling Challenges, Opportunities and remedies
Bitdefender blog post
Medusa target Fortinet flaw (CVE-2023-48788) for Ransomware Attacks
Ivanti alerts ongoing exploitation of recently patched CAV
CISA unveils 25 new advisories for Industrial Control Systems
Intel Issues Alert on 20+ Vulnerabilities, Urges Firmware Updates
Urgent: GitLab Patches flaws allowing unapproved pipeline Job Execution
Fortinet admits data breach after hacker claims to steal 440GB
Gov.t issues high alert on android devices
ALSO READ:
Google Workspace: New account security, DLP capabilities announced
Cybersecurity firm Emsisoft reported that as of August 24, they had identified a staggering number of 988 victims, affecting approximately 59,200,000 individuals.
The following organizations, including Maximus, Pôle Emploi, the Louisiana Office of Motor Vehicles, the Colorado Department of Health Care Policy and Financing, the Oregon Department of Transportation, the Teachers Insurance and Annuity Association of US, Genworth, PH Tech, Milliman Solutions, and Wilton Reassurance Company, are among those that may have compromised the personal information of over one million individuals.
Resecurity has confirmed that the number of organizations affected by the MOVEit hack is indeed substantial. On August 23rd, the organization reported its awareness of 963 public and private sector organizations worldwide that have fallen victim to this breach.
Cl0p, the group behind this campaign, is expected to make an astounding $100 million. To make matters worse, they have now escalated their tactics by leaking the data of those who have refused to pay.
According to Resecurity, on August 14 and 15, cybercriminals reportedly leaked approximately 1 Tb of data that they had allegedly stolen from 16 victims. The entities affected by this cyber attack comprise UCLA, Siemens Energy, Cognizant, as well as prominent cybersecurity companies such as Norton LifeLock and Netscout.
The data has been exposed via torrents on the surface web, making it considerably simpler for anyone to acquire the pilfered files. According to both Emsisoft and Resecurity, over 80% of the impacted organizations are based in the United States.
The MOVEit campaign used a security vulnerability in the MOVEit Transfer software. The vulnerability allowed attackers to access transferred files without authentication.
