MOVEit Customers Urged to Patch Third Critical Vulnerability
Progress Software is urging MOVEit customers to apply patches to a third critical vulnerability in the file transfer software in less than one month. Tracked…
Category: SecurityWeek
Microsoft Says Early June Disruptions to Outlook, Cloud Platform, Were Cyberattacks
In early June, sporadic but serious service disruptions plagued Microsoft’s flagship office suite — including the Outlook email and OneDrive file-sharing apps — and cloud…
In Other News: Linux Kernel Exploits, Update on BEC Losses, Cybersecurity Awareness Act
SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a…
Russian Hackers Using USB-Spreading Malware in Attacks on Ukrainian Government, Military
Russia-linked hacking group Gamaredon has been observed infecting USB drives for lateral movement within compromised Ukrainian networks, Symantec reports. Active since at least mid-2013 and…
Russian National Arrested, Charged in US Over Role in LockBit Ransomware Attacks
The US Justice Department on Thursday announced charges against a third Russian national allegedly involved in deploying the LockBit ransomware. The man, Ruslan Magomedovich Astamirov,…
Ransomware Group Starts Naming Victims of MOVEit Zero-Day Attacks
The Cl0p ransomware group has made public the names of more than two dozen organizations that appear to have been targeted in a campaign leveraging…
CISA, NSA Share Guidance on Hardening Baseboard Management Controllers
The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have published new guidance to help organizations harden baseboard management controllers (BMCs).…
Content Moderation Tech Startup Trust Lab Snags $15M Investment
Trust Lab, a Silicon Valley startup founded by Google’s former head of Trust and Safety, has bagged $15 million in venture capital funding to build…
OT Security Firm Shift5 Adds $33 Million in Funding
Arlington, VA-based OT security firm Shift5 has raised an additional $33 million in its Series B financing. $50 million was announced in February 2022. The…
XSS Vulnerabilities in Azure Led to Unauthorized Access to User Sessions
Two cross-site scripting (XSS) vulnerabilities in Azure Bastion and Azure Container Registry (ACR) could have led to unauthorized access to user sessions, data tampering, and…
US Organizations Paid $91 Million to LockBit Ransomware Gang
The LockBit ransomware gang has launched roughly 1,700 attacks in the United States and received approximately $91 million in ransom payments, the US government says.…
Barracuda Zero-Day Attacks Attributed to Chinese Cyberespionage Group
The recent attacks exploiting a zero-day vulnerability in a Barracuda Networks email security appliance have been attributed by Mandiant to a Chinese cyberespionage group. The…