CyberSecurity Blog

The Russian government today handed down a treason conviction and 14-year prison sentence on Iyla Sachkov, the former founder and CEO of one of Russia’s largest cybersecurity firms. Sachkov, 37, has been detained for nearly two years under charges that the Kremlin has kept classified and hidden from public view, and he joins a growing…
Read more

23 Million Individuals’ Personal Details Exposed, Notifications Collectively Show More details about victims of the Clop crime group’s zero-day attacks on users of the widely used MOVEit file transfer software continue to come to light. Researchers now report that at least 455 organizations were hit directly or indirectly, exposing data for at least 23 million…
Read more

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort, which rents hacked residential and small business devices to cybercriminals looking to hide…
Read more

ICYMI: MITRE, a leading organization in the field of security, recently shared its list of top software threats for 2023. The top spots remain occupied by the same software bugs as last year. …http://dlvr.it/Ssk3Mz

ICYMI: Zero-Day In Third-Party Software Reason for the Hack, Says Security Agency Head Unknown hackers attacked a dozen Norwegian government ministries through a zero day vulnerability present in a shared digital platform, the Oslo government disclosed Monday. The prime minister’s office and the ministries of defense, justice and foreign affairs were unaffected.http://dlvr.it/Ssjvnx

ICYMI: Clop’s Zero-Day Mass Exploitation and Extortion is Apogee of High Impact Innovation The Russian-language Clop crime group’s mass exploitation of MOVEit file-transfer software demonstrates how criminals continue to seek fresh ways to maximize their illicit profits with minimal effort. Ransomware response firm Coveware says Clop may clear over $75 million from this campaign.http://dlvr.it/SsjvLS

ICYMI: 2.6 Million Individuals Notified by TIAA Due to Clop Group’s Hack of PBI Research The count of organizations and individuals affected by Clop’s attack on MOVEit file-transfer users has increased, with the Teachers Insurance and Annuity Association of America reporting that 2.6 million members’ personal details were exposed when Clop hit service provider PBI…
Read more

ICYMI: Hacker One Co-Founder Michiel Prins on the Opportunities and Risks of GAI What does generative AI mean for security? In the short term, and possibly indefinitely, we will see offensive or malicious AI applications outpace defensive ones that use AI for security. We also will see an outsized explosion in new attack surfaces. HackerOne…
Read more

Keeping track of your business success is a lot easier with dashboards. This business intelligence reporting tool helps you see your critical business metrics and key performance indicators (KPIs). With dashboards, you …http://dlvr.it/SsgG0f

Zero-Day In Third-Party Software Reason for the Hack, Says Security Agency Head Unknown hackers attacked a dozen Norwegian government ministries through a zero day vulnerability present in a shared digital platform, the Oslo government disclosed Monday. The prime minister’s office and the ministries of defense, justice and foreign affairs were unaffected.http://dlvr.it/Ssg6Nf