Tux Machines
Posted by Roy Schestowitz on Jun 17, 2023
> The U.S. government agency in charge of improving the nation’s cybersecurity posture is ordering all federal agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in widely used security and networking appliances.
> CISA and the NSA have published new guidance to help organizations harden baseboard management controllers (BMCs).
> Attacks exploiting the Barracuda zero-day CVE-2023-2868 have been linked to a Chinese cyberespionage group that has targeted government and other organizations.
> Fake security researcher accounts seen distributing malware disguised as Chrome, Signal, WhatsApp, Discord and Exchange zero-day exploits.
> LockBit ransomware operators launched 1,700 attacks in the US and received roughly $91 million in ransom payments.
> A Russian national has been arrested in Arizona on charges alleging that he was involved in multiple LockBit ransomware attacks against victims in the U.S., Asia, Europe and Africa. The LockBit ransomware gang, which first emerged in 2020, operates on a ransomware-as-a-service model where affiliates use already developed ransomware to execute attacks.
> U.S. officials say the Department of Energy is among a small number of federal agencies compromised in a Russian cyber-extortion gang’s global hack of a file-transfer program popular with corporations and governments. They say the impact is not expected to be great. Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, told reporters that the hacking campaign was short, opportunistic and caught quickly. A senior CISA official said neither the U.S. military nor intelligence community was affected. Known victims to date include Louisiana’s Office of Motor Vehicles and Oregon's Department of Transportation.
> The TV outlet said the US Department of Energy was among those hit but a CISA spokesperson did not offer any comments when asked who was responsible and how many agencies had been affected.
> The number of victims targeted by the Clop ransomware gang's targeting of a critical vulnerability in Progress Software Corp.’s MOVEit file transfer software continues to grow, with the revelation today that the victims now include several U.S. government agencies.
> Over the years, I have come across many blogs that claim Linux is impenetrable by security attackers too many times to count. While it is
> It is more than somewhat ironical that HWL Ebsworth, the Australian law firm that is reeling after a ransomware attack that led to massive data theft, has a slogan on its website saying, "We're not your typical law firm".