GOLD SALEM’s Warlock operation joins busy ransomware landscape
The emerging group demonstrates competent tradecraft using a familiar ransomware playbook and hints of ingenuity
Similar Posts
Texas sues PowerSchool over breach compromising info of over 880,000 students, teachers
Bys sNinfa Saavedra reports: Texas Attorney General Ken Paxton has filed a lawsuit against PowerSchool, a California-based provider of cloud-based services for K-12 schools, after an unprecedented data breach exposed the sensitive personal identifying information and protected health information of more than 880,000 Texas school-aged children and teachers, including Houston ISD schools. According to Paxton, PowerSchool’s……
GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module
Bys sCybersecurity researchers have lifted the lid on a previously undocumented threat cluster dubbed GhostRedirector that has managed to compromise at least 65 Windows servers primarily located in Brazil, Thailand, and Vietnam. The attacks, per Slovak cybersecurity company ESET, led to the deployment of a passive C++ backdoor called Rungan and a native Internet Information Services…
HIPAA, but for non-Covered Entities?
Bys sOdia Kagan of Fox Rothschild writes: A new bill, proposed by Bill Cassidy (R-LA), Chair of the Senate Health, Education, Labor and Pensions Committee (HELP), purports to apply the privacy and security practices under the HITECH Act, to entities that process non protected health information (PHI) and their service providers in the same manner that……
CISA Warns of Sitecore RCE Flaws; Active Exploits Hit Next.js and DrayTek Devices
Bys sThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two six-year-old security flaws impacting Sitecore CMS and Experience Platform (XP) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities are listed below – CVE-2019-9874 (CVSS score: 9.8) – A deserialization vulnerability in the Sitecore.Security.AntiCSRF
Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends
Bys sThe elusive Iranian threat group known as Infy (aka Prince of Persia) has evolved its tactics as part of efforts to hide its tracks, even as it readied new command-and-control (C2) infrastructure coinciding with the end of the widespread internet blackout the regime imposed at the start of the month. “The threat actor stopped maintaining…
European Privacy Group Sues TikTok and AliExpress for Illicit Data Transfers to China
Bys sAustrian privacy non-profit None of Your Business (noyb) has filed complaints accusing companies like TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi of violating data protection regulations in the European Union by unlawfully transferring users’ data to China. The advocacy group is seeking an immediate suspension of such transfers, stating the companies in question cannot shield…