Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
Progress MOVEit
A third MOVEit vulnerability fixed, Cl0p lists victim organizations (CVE-2023-35708)

Progress Software has asked customers to update their MOVEit Transfer installations again, to fix a third SQL injection vulnerability (CVE-2023-35708) discovered in the web …

Progress MOVEit
PoC exploit for exploited MOVEit vulnerability released (CVE-2023-34362)

As more victim organizations of Cl0p gang’s MOVEit rampage continue popping up, security researchers have released a PoC exploit for CVE-2023-34362, the RCE …

lock
Cyber extortion hits all-time high

Cyber extortion attacks have become increasingly prevalent in recent years, posing a significant threat to organizations of all sizes and industries, according to Orange …

Progress MOVEit
Cl0p announces rules for extortion negotiation after MOVEit hack

The Cl0p cyber extortion crew says that the many organizations whose data they have pilfered by exploiting a vulnerability in the MOVEit Transfer solution have until June 14 …

omega
0mega ransomware gang changes tactics

A number of ransomware gangs have stopped using malware to encrypt targets’ files and have switched to a data theft/extortion approach to get paid; 0mega – a …

Progress MOVEit
MOVEit Transfer hack fallout: BBC, Aer Lingus, Boots among the victims

The fallout of the MOVEit Transfer hack via CVE-2023-34362 by the Cl0p gang is expanding, as several UK-based companies have now confirmed that some of their data has been …

Progress MOVEit
MOVEit Transfer zero-day was exploited by Cl0p gang (CVE-2023-34362)

The zero-day vulnerability attackers have exploited to compromise vulnerable Progress Software’s MOVEit Transfer installations finally has an identification number: …

Ferrari
Ferrari data breach: Client data exposed

Italian luxury sports car maker Ferrari has suffered a data breach and has confirmed on Monday that it “was recently contacted by a threat actor with a ransom demand …

Riot Games
Riot Games breached: How did it happen?

The hackers who breached Riot Games last week are asking for $10 million not to leak the stolen source code for the company’s popular League of Legends online game. The …

Eyes
Fake subscription invoices lead to corporate data theft and extortion

A threat actor dubbed Luna Moth has been leveraging social engineering and legitimate software to steal sensitive data and extort money from small and medium-size businesses. …

Cisco
Cisco has been hacked by a ransomware gang

U.S. networking giant Cisco Systems has been hacked, the company confirmed on Wednesday, after Yanluowang ransomware operators claimed the attack on their leak site. …

ransomware
Conti effectively created an extortion-oriented IT company, says Group-IB

In slightly more than a month, the Conti ransomware collective compromised more than 40 companies worldwide, and the fastest attack took only three days, Group-IB’s noted in …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools