BlackCat Ransomware Raises Ante After FBI Disruption
Source: KrebsonSecurity
The U.S. Federal Bureau of Investigation (FBI) disclosed today that it infiltrated the world’s second most prolific ransomware gang, a Russia-based criminal group known as ALPHV and BlackCat. The FBI said it seized the gang’s darknet website, and released a decryption tool that hundreds of victim companies can use to recover systems.
Meanwhile, BlackCat responded by briefly “unseizing” its darknet site with a message promising 90 percent commissions for affiliates who continue to work with the crime group, and open season on everything from hospitals to nuclear power plants.
3,500 Arrested, $300 Million Seized in International Crackdown on Online Fraud
Source: Security Week
As part of an international effort to tackle online financial fraud, authorities in 34 countries have arrested approximately 3,500 suspects and seized roughly $300 million worth of assets, Interpol announced on Tuesday. The six-month operation, named HAECHI IV, targeted business email compromise (BEC), ecommerce fraud, investment fraud, voice phishing, money laundering associated with illegal online gambling, romance scams, and online sextortion schemes.
Comcast Ties Breach Affecting 36M Customers to Citrix Bleed
Source: Data Breach Today
Just weeks shy of the year's end, America's largest telecommunications and media conglomerate has announced that it suffered one of the biggest known data breaches of 2023 due to a flaw dubbed Citrix Bleed.
Philadelphia-based Comcast Cable Communications, in a data breach notification filed with the attorney general in Maine, reported that attackers had breached its systems in October and stolen personal details pertaining to 35,879,455 customers of its Xfinity-branded TV, internet and home telephone services.
Nearly 3 million affected by ransomware attack on medical software firm
Source: The Record
Millions of people across the U.S. had their information exposed following a ransomware attack on a company that provides software to hospitals and emergency medical services.
Physical Access Systems Open Cyber Door to IT Networks
Source: Dark Reading
Cyberattackers can exploit access control measures installed on supposedly secure facility doors to gain unauthorized building access to sensitive locations — as well as breach internal IP networks directly from these systems, researchers are warning.