In a sudden, stunning announcement today, the United States Department of Justice, the FBI, and federal agencies from 13 countries from Europol, announced the seizure of the transnational Hive ransomware operation. The seizure was part of a months-long operation that began in late July 2022 when the FBI infiltrated the Hive network. Deputy Attorney General Lisa Monaco said it … [Read more...]
Two Microsoft Exchange Server Zero-Day Vulnerabilities (aka ProxyNotShell)
Update 10/6/2022 : Microsoft has released several updates since their post on the “ProxyNotShell” Exchange vulnerabilities. If you followed their initial mitigation steps, they are not sufficient to block this threat and your Exchange server may remain vulnerable. Security researchers began poking at the initial mitigation recommendations and found ways to bypass their … [Read more...]
Over a Billion Records Leaked in Shanghai National Police Database Hack
This past week, a hacker by the name of ChinaDan allegedly breached the Shanghai National Police (SHGA) database and has put the nearly 23 TB of data up for sale for 10 bitcoin (BTC), or a little over $200k USD as of this writing. ChinaDan claims the data contains “information on 1 Billion Chinese national residents and several billion case records” including names, addresses, … [Read more...]
LockBit Ransomware Group Introduces Bug Bounties and More
The LockBit ransomware group has unveiled a new website – LockBit 3.0 – to host their ransom extortions and data leaks. The website includes several new features, including an unprecedented bug bounty program to assist the group in securing their site; acceptance of the privacy cryptocurrency, Zcash; and the addition of receiving payments from users to: “extend the timer for 24 … [Read more...]
WatchGuard Launches PSIRT Page
WatchGuard’s Product Security Incident Response Team (PSIRT) has launched our public PSIRT page to provide a consolidated resource where network administrators can find advisories and information about security vulnerabilities in WatchGuard products, as well as WatchGuard’s investigations into industry-wide security issues that may impact our products or services. Our PSIRT … [Read more...]
