CISA and the FBI confirmed today that the Royal ransomware rebranded to BlackSuit and has demanded over $500 million from victims since it emerged more than two years ago. […]
New CMoon USB worm targets Russians in data theft attacks
A new self-spreading worm named ‘CMoon,’ capable of stealing account credentials and other data, has been distributed in Russia since early July 2024 via a compromised gas supply company website. […]
Windows Update downgrade attack “unpatches” fully-updated systems
SafeBreach security researcher Alon Leviev discovered a Windows Update downgrade attack that can “unpatch” fully-updated Windows 10, Windows 11, and Windows Server systems to reintroduce old vulnerabilities […]
McLaren hospitals disruption linked to INC ransomware attack
On Tuesday, IT and phone systems at McLaren Health Care hospitals were disrupted following an attack linked to the INC Ransom ransomware operation. […]
Over 40,000 Internet-Exposed ICS Devices Found in US: Censys
Censys has found more than 40,000 internet-exposed ICS devices in the US, and notifying owners is in many cases impossible.
The post Over 40,000 Internet-Exposed ICS Devices Found in US: Censys appeared first on SecurityWeek.
UK IT provider faces $7.7 million fine for 2022 ransomware breach
The UK’s Information Commissioner’s Office (ICO) has announced a provisional decision to impose a fine of £6.09M ($7.74 million) on Advanced Computer Software Group Ltd (Advanced) for its failure to protect the personal information of tens of thousands when it was hit by ransomware in 2022. […]
GhostWrite Vulnerability Facilitates Attacks on Devices With RISC-V CPU
Researchers disclose the details of GhostWrite, a RISC-V CPU vulnerability that can be exploited to gain full access to targeted devices.
The post GhostWrite Vulnerability Facilitates Attacks on Devices With RISC-V CPU appeared first on SecurityWeek.
macOS Sequoia brings better Gatekeeper, stalkerware protections
Apple’s macOS Sequoia, now in beta testing, will make it harder to bypass Gatekeeper warnings and add system alerts for potential stalkerware threats. […]
Critical Progress WhatsUp RCE flaw now under active exploitation
Threat actors are actively attempting to exploit a recently fixed Progress WhatsUp Gold remote code execution vulnerability on exposed servers for initial access to corporate networks. […]
Researcher Sounds Alarm on Windows Update Flaws Allowing Undetectable Downgrade Attacks
Researcher showcases hack against Microsoft Windows Update architecture, turning fixed vulnerabilities into zero-days.
The post Researcher Sounds Alarm on Windows Update Flaws Allowing Undetectable Downgrade Attacks appeared first on SecurityWeek.