Security News

How LockBit used Citrix Bleed to breach Boeing and other targetsCVE-2023-4966, aka "Citrix Bleed", has been exploited by LockBit 3.0 affiliates to breach Boeing's parts and distribution business, and "Other trusted third parties have observed similar activity impacting their organization," cybersecurity and law enforcement officials have confirmed on Tuesday. Apache ActiveMQ bug exploited to deliver Kinsing malwareAttackers are exploiting a recently fixed vulnerability in Apache ActiveMQ to install Kinsing malware and cryptocurrency miners on targeted Linux systems.

CVE-2023-4966, aka "Citrix Bleed", has been exploited by LockBit 3.0 affiliates to breach Boeing's parts and distribution business, and "Other trusted third parties have observed similar activity impacting their organization," cybersecurity and law enforcement officials have confirmed on Tuesday. "Due to the ease of exploitation, CISA and the authoring organizations expect to see widespread exploitation of the Citrix vulnerability in unpatched software services throughout both private and public networks," the agencies warned.

Multiple threat actors, including LockBit ransomware affiliates, are actively exploiting a recently disclosed critical security flaw in Citrix NetScaler application delivery control (ADC) and...

Cybercrime group worried over dwindling payments ... didn't they tell them to Always Be Closing? In response to growing frustrations inside the LockBit organization, its leaders have overhauled...

The Lockbit ransomware attacks use publicly available exploits for the Citrix Bleed vulnerability to breach the systems of large organizations, steal data, and encrypt files. Although Citrix made fixes available for CVE-2023-4966 more than a month ago, thousands of internet-exposed endpoints are still running vulnerable appliances, many in the U.S. High-profile Lockbit attacks.

The LockBit ransomware gang published data stolen from Boeing, one of the largest aerospace companies that services commercial airplanes and defense systems. LockBit hackers said that Boeing ignored warnings that data would become publicly available and threatened to publish a sample of about 4GB of the most recent files.

The LockBit crew is claiming to have leaked all of the data it stole from Boeing late last month, after the passenger jet giant apparently refused to pay the ransom demand. Neither data dump has been verified by The Register, and Boeing declined to answer specific questions about the incident or the stolen files.

Aerospace giant Boeing is investigating a cyberattack that impacted its parts and distribution business after the LockBit ransomware gang claimed that they breached the company's network and stole data. The ransomware gang said on Friday that they allegedly breached Boeing's network and stole a significant amount of sensitive information that they would leak online five days later if the airplane maker didn't reach out before the deadline.

"Security In Brief Notorious ransomware gang LockBit has reportedly exfiltrated"a tremendous amount of sensitive data from aerospace outfit Boeing. VX underground published a screenshot of Lockbit's announcement, and threat to expose data if Boeing does not engage with it by November 2nd. Boeing has told US media it is investigating Lockbit's claims.

CDW, one of the largest resellers on the planet, will have its data leaked by LockBit after negotiations over the ransom fee broke down, a spokesperson for the cybercrime gang says. LockBit did not respond to questions relating to what its original ransom demand was or what CDW offered in the negotiations.