InfoSecBulletin Cybersecurity for mankind
Ransomware groups claimed the highest number of attacks in May, but experts believe the claims might be exaggerated.
Last month, ransomware gangs posted 450 victims to their extortion sites, which is an increase compared to the 328 victims in April. The highest number of attacks ever recorded was 484, posted by groups in July 2023.
Hackers Bypass Gmail MFA With App-Specific Password Reuse
Russia detects first SuperCard malware attacks via NFC
Income Property Investments exposes 170,000+ Individuals record
ALERT (CVE: 2023-28771)
Zyxel Firewalls Under Attack via CVE-2023-28771 by 244 IPs
CISA Flags Active Exploits in Apple iOS and TP-Link Routers
10K Records Allegedly from Mac Cloud Provider’s Customers Leaked Online
Canada 2nd largest airlines “WestJet” investigates cyberattack disrupting internal systems
Paraguay 7.4 Million Citizen Records Leaked on Dark Web
High-Severity Flaw in HashiCorp Nomad Allows Privilege Escalation
SoftBank: Over 137,000 personal info leaked
Over a third of last month’s attacks were linked to LockBit, a group that had its website seized by law enforcement in February. Some leaders of the group claim that the takedown did not completely stop their activities, and LockBit is still operating.
LockBit has claimed to have attacked many organizations lately. However, cybersecurity experts doubt these claims and believe it’s a public relations strategy to reassure partners that their operations are running smoothly.
Allan Liska, a ransomware expert from Recorded Future, tracks and analyzes data from extortion sites, government agencies, news reports, and hacking forums. Many attacks listed on the site seem to be duplicates or old attacks that were never posted on the extortion site to begin with.
“The problem is that it is often difficult to determine what is real and what is made up as a way for LockBit to save face… Criminals are, to put it gently, unreliable narrators when it comes to victim reporting.”
