Security News
Ransomware crooks claim they've stolen data from a firm that helps other organizations run medical trials after one of its executives had their cellphone number and accounts hijacked. The Register understands one or more people close to or affiliated with the notorious Alphv, aka BlackCat, extortion gang managed to get into a work account of an exec at Advarra and may have copied out at least some information from the business.
The Toronto Public Library is experiencing ongoing technical outages due to a Black Basta ransomware attack. The Toronto Public Library is Canada's largest public library system, giving access to 12 million books through 100 branch libraries across the city.
The short-lived RansomedVC ransomware operation is being shopped around by its owner, who is claiming to offer a 20 percent discount just a day after first listing it for sale. Citing "Personal reasons" alongside the desire to avoid "Being monitored by federal agencies," the owner of RansomedVC is looking for someone who wants to carry on the project.
Ransomware attacks continue at a record-breaking pace, with Q3 2023 global ransomware attack frequency up 11% over Q2 and 95% year-over-year, according to Corvus Insurance. In its Q2 2023 Global Ransomware Report, Corvus noted a significant resurgence in global ransomware attacks, which has continued through the third quarter.
Top White House officials are working to secure an agreement between almost 50 countries to not pay ransom demands to cybercriminals as the international Counter Ransomware Initiative summit gets underway in Washington DC Tuesday. Second, member governments will also increase their information-sharing capabilities via two dedicated platforms that let countries rapidly exchange threat indicators following ransomware infections.
Citrix Bleed, the critical information-disclosure bug that affects NetScaler ADC and NetScaler Gateway, is now under "Mass exploitation," as thousands of Citrix NetScaler instances remain vulnerable, according to security teams. In the past week, GreyNoise observed 137 individual IP addresses attempting to exploit this Citrix vulnerability.
"Ransomware is an issue that knows no borders. And as long as there's money flowing to ransomware criminals the problem will continue to grow," Neuberger told reporters on Monday. Data from NCC Group revealed a total of 514 ransomware attacks in September, surpassing March 2023's record of 459 incidents after a wave of Clop's Fortra GoAnywhere data theft attacks.
Stanford University has confirmed it is "Investigating a cybersecurity incident" after an attack last week by the Akira ransomware group. Akira claimed the attack on Stanford on October 27, saying it had stolen 430 GB worth of data from the renowned education institution.
The FBI has recently warned about dual ransomware attacks, a new trend that involves criminals carrying out two or more attacks in close proximity to each other. The time between attacks ranges from 48 hours to a maximum of ten days.
More than one-third of companies still do not have a well-rounded, holistic ransomware strategy in place, according to Zerto. In all, just over half of the companies surveyed focus on both recovery and prevention.