Tag: realize | SpinSafe

The tail of the MOVEit hack may be longer than we realize

July 19, 2023/in Internet Security

The total number of organizations compromised by the MOVEit hack remains a mystery.

The Cl0p extortion group, which exploited at least one of the vulnerabilities in Progress Software’s popular file transfer service, has been publishing a steady drip of what it claims are newly identified victims daily. So far, there are no signs that the pace of reported incidents is slowing since the breach was disclosed in May.

Cl0p has posted the names of hundreds of companies, state and local governments, universities and other organizations on its dark web leak site. It’s threats include leaking the data of any alleged victim if payment demands are not met. Meanwhile dozens of organizations have confirmed through media reports, public statements or regulatory disclosures that their data was indeed stolen.

That puts MOVEit in rarefied air as the most widespread file transfer hack recorded. But the daily stream of newly disclosed impacted companies has many security experts asking where the bottom is, and when Cl0p may finally exhaust its pool of companies to extort. Thus far, Cl0p is the only group that cybersecurity experts have seen exploiting one of the vulnerabilities, but Progress Software has announced a slew of similar SQL bugs in the past two months.

John Hammond, a senior security researcher at Huntress, quipped to SC Media that Cl0p “certainly knows how to drag out the news cycle.”

“The MOVEit Transfer exploitation still seems to be an incident that never dies. Between the initial infection, the following vulnerabilities that we at Huntress discovered…and of course Cl0p’s continued leaking of company data, this has continued for over a month and a half now,” Hammond told SC Media.

Nearly 370 organizations confirmed in MOVEit breach

Thus far, much of the public discussion around the impact of the hacks has focused on direct Progress Software’s customers, or entities that purchased or used its file transfer service. But cybersecurity experts who have sorted through the wreckage, as well as companies that specialize in scrutinizing software supply chain vulnerabilities, believe the universe of potential exposure could reach well beyond that group.

Brett Callow, a ransomware…

Source…

You realize, of course, this means War

January 2, 2018/in Internet Security

You realize, of course, this means War Security Boulevard

Full coverage

chinese hackers – read more

Sundown Exploit Kit ‘Larger Threat Than People Realize’ – Threatpost

November 3, 2016/in Internet Security

Threatpost

Sundown Exploit Kit 'Larger Threat Than People Realize'
Threatpost
Now, Cisco Talos security researchers are bracing for new entrants to fill the void, starting with the Sundown exploit kit. Over the past six months, Sundown has become a significant threat responsible for a large number of infections. Researcher Nick …
Sundown Becomes a Rising Star on the EK Scene – Infosecurity …Infosecurity Magazine

all 2 news articles »

“exploit kit” – read more

EFF: Americans may not realize it, but many are in a face recognition database now

July 19, 2012/in Internet Security

People are not going to, nor should they have to, start walking around outside with a bag over their head to avoid security cameras capturing images of them. Yet “face recognition allows for covert, remote and mass capture and identification of images — and the photos that may end up in a database include not just a person’s face but also how she is dressed and possibly whom she is with. Read more

Ms. Smith’s blog

Tag Archive for: realize

Nearly 370 organizations confirmed in MOVEit breach