Latest News Articles
--- TLP:WHITE ---
News
− BlackCat Ransomware Gang Suspected of Pulling Exit Scam
The BlackCat ransomware gang announces shutdown as an affiliate accuses theft of $22 million ransom payment.
https://www.securityweek.com/blackcat-ransomware-gang-suspected-of-pulling-exit-scam/− Anatomy of a BlackCat Attack Through the Eyes of Incident Response
Incident response experts at Sygnia provide a detailed blow-by-blow of a BlackCat ransomware attack and share tips for survival.
https://www.sygnia.co/blog/blackcat-ransomware//− The French Government Says It’s Being Targeted by Unusual Intense Cyberattacks
A group of hackers called Anonymous Sudan, considered by cybersecurity experts as pro-Russia, claimed responsibility for the attacks in online posts.
https://www.rfi.fr/en/science-and-technology/20240312-france-deploys-crisis-cell-to-deal-with-fallout-of-major-cyberattack− South Korean Citizen Detained in Russia on Cyber Espionage Charges
Russia has detained a South Korean national for the first time on cyber espionage charges and transferred from Vladivostok to Moscow for further investigation
https://thehackernews.com/2024/03/south-korean-citizen-detained-in-russia.htmlVulnerabilities
− Urgent: Apple Issues Critical Updates for Actively Exploited Zero-Day Flaws
Apple has released security updates to address several security flaws, including two vulnerabilities that it said have been actively exploited in the wild.
https://thehackernews.com/2024/03/urgent-apple-issues-critical-updates.html− Critical TeamCity flaw now widely exploited to create admin accounts
Hackers have started to exploit the critical-severity authentication bypass vulnerability (CVE-2024-27198) in TeamCity On-Premises, which JetBrains addressed in an update on Monday.
https://www.bleepingcomputer.com/news/security/critical-teamcity-flaw-now-widely-exploited-to-create-admin-accounts/− Critical Security Issues Affecting JetBrains TeamCity On-Premises: CVE-2024-27198, CVE-2024-27199
JetBrains has released an update for on-premise versions of TeamCity. The update addresses two vulnerabilities.
https://www.ncsc.gov.ie/pdfs/2403050151_JetBrains_TeamCity_Vulns.pdf/− VMware fixes critical sandbox escape flaws in ESXi, Workstation, and Fusion
VMware released security updates to fix critical sandbox escape vulnerabilities in VMware ESXi, Workstation, Fusion, and Cloud Foundation products, allowing attackers to escape virtual machines and access the host operating system.
https://www.vmware.com/security/advisories/VMSA-2024-0006.htmlCommunity News
− British Library pushes the cloud button, says legacy IT estate cause of hefty rebuild
Five months in and the mammoth post-ransomware recovery has barely begun The British Library says legacy IT is the overwhelming factor delaying efforts to recover from the Rhysida ransomware attack in late 2023.
https://www.bl.uk/home/british-library-cyber-incident-review-8-march-2024.pdf--- TLP:WHITE ---