Monday , September 9 2024

US govt offers $10 million bounty for info on Clop ransomware

The Rewards for Justice program, run by the U.S. State Department, has recently offered a bounty of up to $10 million for any information linking the Clop ransomware attacks to a foreign government. The program aims to gather intelligence on various threat actors and cyber attacks that pose a national security risk to the United States.

Originally focused on gathering information about terrorists targeting U.S. interests, Rewards for Justice has expanded its scope to include cyber criminals like the Conti ransomware operation, Russian Sandworm hackers, REvil ransomware, and the Evil Corp hacking group.

ALSO READ:

Progress LoadMaster exposed to a critical 10/10 vulnerability

Progress Software released an emergency fix for a critical vulnerability (10/10) in its Loadmaster and LoadMaster Multi-Tenant Hypervisor products, which...
Read More
Progress LoadMaster exposed to a critical 10/10 vulnerability

Cisco released security updates for two critical security flaws

CISCO released security updates for two critical security flaws impacting its smart Licensing Utility that could allow unauthenticated, remote attackers...
Read More
Cisco released security updates for two critical security flaws

OpenBAS: Cutting-edge breach and attack simulation platform

OpenBAS is a platform that helps organizations to plan, schedule, and conduct crisis exercises, adversary simulations, and breach simulations. OpenBAS...
Read More
OpenBAS: Cutting-edge breach and attack simulation platform

Critical Security Flaws Patched in Zyxel Networking Devices

Zyxel has released software updates to fix a serious security issue in certain access point (AP) and security router versions....
Read More
Critical Security Flaws Patched in Zyxel Networking Devices

CVE-2024-38811: CEV In VMware Fusion Unveiled

VMware released a security advisory for a major vulnerability in the VMware Fusion product. This vulnerability could be exploited by...
Read More
CVE-2024-38811: CEV In VMware Fusion Unveiled

CERT-IN Warns Vulnerabilities in Palo Alto Networks applications

Indian Computer Emergency Response Team (CERT-IN) issued advisories about multiple vulnerabilities in various Palo Alto Networks applications. Attackers could exploit...
Read More
CERT-IN Warns Vulnerabilities in Palo Alto Networks applications

How Malaysia’s Data Centre Industry Poised for Growth

Malaysia is quickly becoming a leading choice for investing in data centers. It aims to generate RM3.6 billion (US$781 million)...
Read More
How Malaysia’s Data Centre Industry Poised for Growth

RansomHub exfiltrated data over 210 victims: US alert

US authorities have issued a cybersecurity advisory about a ransomware group called RansomHub. The group is thought to have stolen data...
Read More
RansomHub exfiltrated data over 210 victims: US alert

Godzilla Fileless Backdoor Exploits Atlassian Confluence flaw

There is a new way to attack Atlassian Confluence using the vulnerability CVE-2023-22527. The Confluence Data Center and Server products...
Read More
Godzilla Fileless Backdoor Exploits Atlassian Confluence flaw

New Cicada ransomware targets VMware ESXi servers

The Cicada3301 ransomware is made in Rust and attacks Windows and Linux/ESXi hosts. Truesec researchers examined a version that targets...
Read More
New Cicada ransomware targets VMware ESXi servers

Microsoft says disruptions to Outlook, cloud platform, were cyberattacks

The decision to offer this new bounty comes in response to the Clop ransomware attacks, which involved the theft of data from numerous companies worldwide using a zero-day vulnerability in the MOVEit Transfer security file transfer platform. These attacks began on May 27th, coinciding with the U.S. Memorial Day holiday. The Clop ransomware gang claimed responsibility for the data theft and subsequently attempted to extort the affected companies by threatening to leak their data if a ransom was not paid.

During these attacks, several U.S. federal agencies, including the Department of Energy, were breached, raising concerns about the potential theft of sensitive data. While the Clop threat actors have stated that they delete any stolen government data and are solely driven by financial motives rather than political interests, the veracity of their claims cannot be confirmed. As a result, federal agencies must operate under the assumption that the stolen data could be misused or acquired by foreign governments.

In an effort to prevent future attacks and gather information about the Clop operation, the Rewards for Justice program is offering a substantial reward to anyone, including other threat actors, who can provide tips. To facilitate the submission of information, the State Department has established a dedicated Tor SecureDrop server where individuals can anonymously share information regarding Clop and other threat actors.

Check Also

TD Bank

Bank employee accessed customer data: affect 41 bank clients

A bank employee accesses the personal information of several dozen customers. The person did that …

Leave a Reply

Your email address will not be published. Required fields are marked *