The Week in Ransomware – March 17th 2023
The fallout from the Clop ransomware attacks on GoAnywhere platforms has become apparent this week, with the threat actors starting to extort victims on their…
Category: Bleeping Computer
NBA alerts fans of a data breach exposing personal information
The NBA (National Basketball Association) is notifying fans of a data breach after some of their personal information, “held” by a third-party newsletter service, was…
Microsoft is testing a built-in crypto wallet in Microsoft Edge
Microsoft is working on a non-custodial built-in Ethereum crypto wallet for Microsoft Edge to allow users to send and receive cryptocurrency and NFTs. Public keys…
Hitachi Energy confirms data breach after Clop GoAnywhere attacks
Hitachi Energy confirmed it suffered a data breach after the Clop ransomware gang stole data using a zero-day GoAnyway zero-day vulnerability. Hitachi Energy is a…
RAT developer arrested for infecting 10,000 PCs with malware
Ukraine’s cyberpolice has arrested the developer of a remote access trojan (RAT) malware that infected over 10,000 computers while posing as game applications. “The 25-year-old…
Microsoft shares script to fix WinRE BitLocker bypass flaw
Microsoft has released a script to make it easier to patch a BitLocker bypass security vulnerability in the Windows Recovery Environment (WinRE). This PowerShell script…
Conti-based ransomware ‘MeowCorp’ gets free decryptor
A decryption tool for a modified version of the Conti ransomware could help hundreds of victims recover their files for free. The utility works with…
Fortinet zero-day attacks linked to suspected Chinese hackers
A suspected Chinese hacking group has been linked to a series of attacks on government organizations exploiting a Fortinet zero-day vulnerability (CVE-2022-41328) to deploy malware.…
BianLian ransomware gang shifts focus to pure data extortion
The BianLian ransomware group has shifted its focus from encrypting its victims’ files to only exfiltrating data found on compromised networks and using them for…
Google finds 18 zero-day vulnerabilities in Samsung Exynos chipsets
Project Zero, Google’s zero-day bug-hunting team, discovered and reported 18 zero-day vulnerabilities in Samsung’s Exynos chipsets used in mobile devices, wearables, and cars. The Exynos…
FakeCalls Android malware returns with new ways to hide on phones
Android malware ‘FakeCalls’ is circulating again in South Korea, imitating phone calls for over 20 financial organizations and attempting to fool bankers into giving away…
Adobe Acrobat Sign abused to push Redline info-stealing malware
Cybercriminals are abusing Adobe Acrobat Sign, an online document signing service, to distribute info-stealing malware to unsuspecting users. The service is being abused to send…