Displaying items by tag: Bleeping Computer

Data theft using a zero-day in the secure managed file transfer software MOVEit Transfer has been claimed to be carried out by the Cl0p ransomware group, with the incidents starting on 27 May.

The ransomware group behind the Medibank Group attack claims it initially demanded US$10 million (A$15.55 million) as a ransom, but is willing to accept US$9.7 million instead – US$1 for each customer the company claims is at risk. Ransomware largely attacks Microsoft's Windows operating system.

Microsoft has issued a long write-up about flaws that could lead to escalation of privilege on Linux systems, which it has collectively called Nimbuspwn, but failed to mention that none of these flaws can be exploited remotely.

An FBI portal was breached by an unknown individual who sent out bogus warning emails to numerous people, and blamed a third party for the act.

A blog post published by the security firm Flashpoint on 22 October appears to have been the starting point for the claim that a supposedly new ransomware gang Groove was a hoax and one designed to make both security firms and the media look foolish.

A number of Windows ransomware gangs have reacted to the reported takedown of the REvil gang, with one of them, Darkside, now known as BlackMatter, moving some of the bitcoin it holds, according to a statement from the cryptocurrency tracking firm Elliptic.

A seasoned ransomware threat researcher has warned against taking any of the chatter around the disappearance of the Windows REvil ransomware group for a second time seriously, given that the forums on which these posts have appeared are heavily monitored.

Despite numerous false alarms from security firms in the past — which have been enthusiastically spread by technology writers — it still appears that all a security firm or group of researchers has to do to gain some headlines is to write a post mentioning Linux and malware in the same sentence.

ASX-listed Nitro Software, a firm that had its origins in Melbourne and offers a service to create, edit and sign PDFs and digital documents, has issued an update on Wednesday to its earlier statement regarding a data breach, in what appears to be an attempt to negate the details published about the incident by the American website Bleeping Computer and a number of other websites.

A software firm that had its origins in Melbourne has suffered a data breach that it has described in a notice to the ASX as "an isolated security incident" but which cyber security provider Cyble has claimed is a massive leak that affects companies like Google, Microsoft, Apple, Chase and Citibank.

The world's biggest eyewear company, Italian conglomerate Luxottica, has suffered a ransomware attack staged by criminals using the Windows Nefilim ransomware and data about its financial and human resources operations have been leaked on the dark web.

Cyber criminals who breached the infrastructure of the American IT staffing company Artech Information Systems and then used the Windows REvil ransomware, which is also known as Sodinokibi, to encrypt files on-site, appear to have staged a second attack on the same firm using the Maze ransomware and released all the data that they stole in the second attack on a dark web site.

GPS and wearable technology specialist Garmin has been hit by an outage and there are suspicions that this may be due to a Windows ransomware attack.

Former Washington Post writer Brian Krebs has opened himself up to criticism about his stance on ransomware by slamming the website Bleeping Computer and security firm Cyble for providing what he deems to be "public relations help" to ransomware gangs.

Twice in the space of three months, researchers from BlackBerry have put out studies pushing claims about malware and ransomware that is alleged to attack Linux, giving the impression that this operating system is also under as much threat as Windows.

Once again, so-called security researchers and tech writers have combined to provide misinformation about trojanised SSH scripts which can be run on a Linux server after said server is compromised through a brute-force attack and root status attained. And they call it Linux malware!

A tech website which profits from the sale of anti-spyware programs has taken a hit again, with ransomware masquerading as a product for which it is an affiliate.

The tech website Bleeping Computer, which carries news about security and malware, has once again demonstrated that when it comes to Linux, its understanding of security is somewhat lacking.

Explosive allegations by the whistleblower website WikiLeaks that the CIA had devised a means to impersonate exfiltration attempts from computers infected with its malware implants as being from Kaspersky Lab have been largely ignored by the mainstream US and tech media.

As organisations around the world struggled to cope with the Windows ransomware avalanche, one man decided that it was the right time to make some money.