Carly Page
197 POSTS
0 COMMENTS
The U.S. National Security Agency has confirmed that hackers exploiting flaws in Ivanti’s widely used enterprise VPN appliance have targeted organizations across the U.S. defense sector.
NSA spokesperson Edward Bennett confirmed in an emailed statement to TechCrunch on Friday that the U.S. intelligence agency, along with its interagency counterparts, is...
Researchers say easy-to-exploit security bugs in ConnectWise remote access software now under mass-attack
Carly Page - 0
Security researchers say a pair of easy-to-exploit flaws in a popular remote access tool used by more than a million companies around the world are now being mass-exploited, with hackers abusing the vulnerabilities to deploy ransomware and steal sensitive data.
Cybersecurity giant Mandiant said in a post on Friday that...
Hackers are exploiting ConnectWise flaws to deploy LockBit ransomware, security experts warn
Carly Page - 0
Security experts are warning that a pair of high-risk flaws in a popular remote access tool are being exploited by hackers to deploy LockBit ransomware — days after authorities announced that they had disrupted the notorious Russia-linked cybercrime gang.
Researchers at cybersecurity companies Huntress and Sophos told TechCrunch on Thursday...
Researchers warn high-risk ConnectWise flaw under attack is ’embarrassingly easy’ to exploit
Carly Page - 0
'I can’t sugarcoat it — this shit is bad,' said Huntress' CEO
Security experts are warning that a high-risk vulnerability in a widely used remote access tool is “trivial and embarrassingly easy” to exploit, as the software’s developer confirms malicious hackers are actively exploiting the flaw.
The maximum severity-rated vulnerability affects...
A sweeping law enforcement operation led by the U.K.’s National Crime Agency this week took down LockBit, the notorious Russia-linked ransomware gang that has for years wreaked havoc on businesses, hospitals, and governments around the world.
The action saw LockBit’s leak site downed, its servers seized, multiple arrests made, and...
A coalition of international law enforcement agencies, including the FBI and the U.K.’s National Crime Agency, have disrupted the operations of the prolific LockBit ransomware gang.
LockBit’s dark-web leak site — where the group publicly lists its victims and threatens to leak their stolen data unless a ransom demand is...
A misconfigured cloud storage server belonging to automotive giant BMW exposed sensitive company information, including private keys and internal data, TechCrunch has learned.
Can Yoleri, a security researcher at threat intelligence company SOCRadar, told TechCrunch that he discovered the exposed BMW cloud storage server while routinely scanning the internet.
Yoleri said...
UK utility giant Southern Water says hackers stole personal data of hundreds of thousands of customers
Carly Page - 0
U.K.-based water utility Southern Water has confirmed that hackers stole the personal data of as many as 470,000 customers in a recent data breach.
Southern Water, which provides water and wastewater services to millions of people across the South East of England, said in a statement on Tuesday that it...
Hackers have begun mass exploiting a third vulnerability affecting Ivanti’s widely used enterprise VPN appliance, new public data shows.
Last week, Ivanti said it had discovered two new security flaws — tracked as CVE-2024-21888 and CVE-2024-21893 — affecting Connect Secure, its remote access VPN solution used by thousands of corporations...
China-backed Volt Typhoon hackers have lurked inside US critical infrastructure for ‘at least five years’
Carly Page - 0
China-backed hackers have maintained access to American critical infrastructure for “at least five years” with the long-term goal of launching “destructive” cyberattacks, a coalition of U.S. intelligence agencies warned on Wednesday.
Volt Typhoon, a state-sponsored group of hackers based in China, has been burrowing into the networks of aviation, rail,...