Fortra cops to exploitation of GoAnywhere file-transfer service defect
Fortra, in its most forceful admission yet, confirmed a maximum-severity defect it disclosed in GoAnywhere MFT has been actively exploited in attacks, yet researchers are…
Category: Cyberscoop
Russian spyware ClayRat is spreading, evolving quickly, according to Zimperium
A fast-spreading Android spyware is mushrooming across Russia, camouflaging itself as popular apps like TikTok or YouTube, researchers at Zimperium have revealed in a blog…
SonicWall admits attacker accessed all customer firewall configurations stored on cloud portal
A brute-force attack exposed firewall configuration files of every SonicWall customer who used the company’s cloud backup service, the besieged vendor said Wednesday. An investigation…
Dozens of Oracle customers impacted by Clop data theft for extortion campaign
Clop, the notorious ransomware group, began targeting Oracle E-Business Suite customers three months ago and started exploiting a zero-day affecting the enterprise platform to steal…
Sen. Peters tries another approach to extend expired cyber threat information-sharing law
A top Senate Democrat introduced legislation Thursday to extend and rename an expired information-sharing law, and make it retroactive to cover the lapse that began…
Voting groups ask court for immediate halt to Trump admin’s SAVE database overhaul
Voting rights groups are asking a court to block an ongoing Trump administration effort to merge disparate federal and state voter data into a massive…
German government says it will oppose EU mass-scanning proposal
Encryption lives on in Europe. For now. The German government has said it will oppose a piece of European Union legislation later this month that…
Microsoft pins GoAnywhere zero-day attacks to ransomware affiliate Storm-1175
Microsoft Threat Intelligence said a cybercriminal group it tracks as Storm-1175 has exploited a maximum-severity vulnerability in GoAnywhere MFT to initiate multi-stage attacks including ransomware.…
OpenAI: Threat actors use us to be efficient, not make new tools
A long-running theme in the use of adversarial AI since the advent of large language models has been the automation and enhancement of well-established hacking…
Oracle zero-day defect amplifies panic over Clop’s data theft attack spree
Federal cyber authorities and threat hunters are on edge following Oracle’s Saturday disclosure of an actively exploited zero-day vulnerability the Clop ransomware group used to…
House Dems seek info about ICE spyware contract, wary of potential abuses
Three House Democrats questioned the Department of Homeland Security on Monday over a reported Immigration and Customs Enforcement contract with a spyware provider that they…
Potential EU law sparks global concerns over end-to-end encryption for messaging apps
Tech experts and companies offering encrypted messaging services are warning that pending European regulation, which would grant governments broad authority to scan messages and content…