PurFoods, a US food delivery company trading as Mom’s Meals, recently disclosed a cyberintrusion that occurred from January 16 to February 22, 2023. The company reported that the cyberattack involved the encryption of certain files in their network and could not rule out the possibility of data exfiltration. While it remains uncertain how many people…
The US Department of Justice (DOJ) has seized the web domain LolekHosted.net, which was allegedly involved in various illegal activities. The DOJ also charged a Polish man named Artur Karol Grabowski in connection with running the service, but his current whereabouts are unknown. The website now displays a warning notice to visitors. LolekHosted.net is considered…
Last week, the US Securities and Exchange Commission (SEC) announced new rules regarding cybersecurity breach disclosures for individuals and companies under its regulatory authority. The SEC was established during the Great Depression in the 1930s to prevent unregulated speculation that led to the infamous Wall Street crash of 1929. Its mission is to protect investors,…
The latest cybercrime exploits attributed to the Clop ransomware crew have taken a new approach that deviates from traditional ransomware attacks. While conventional attacks involve scrambling files and demanding a large sum of money for a decryption key, the Clop gang has evolved to take copies of vital files and use them as leverage. Scrambling…
Sophos has recently released a three-part documentary series called “Think You Know Ransomware?” that explores the realities of ransomware, revealing the far-reaching consequences for both businesses and society at large. The series includes over 100 hours of interviews with cybercriminals, cybersecurity experts, industry analysts, and policy makers to provide a full 360-degree perspective. Episode 1,…
Last week, Progress Software Corporation, a company that sells software and services for user interface development, devops, and file management, among others, alerted its customers about a critical vulnerability in its MOVEit Transfer and related MOVEit Cloud products. MOVEit Transfer is a system that allows teams, departments, companies, or supply chains to store and share…
The Naked Security podcast, hosted by Doug Aamoth and Paul Ducklin, covers a range of topics related to cybersecurity, including password manager cracks, login bugs, and historical examples of security breaches. In a recent episode, the hosts discussed a ransomware attack against a technology company in Oxfordshire, England, which involved a man-in-the-middle attack by a…
After five years of investigation, Ashley Liles, a former sysadmin at a business in Oxford, England, has been convicted of a Man-in-the-Middle (MitM) cybercrime. MitM attacks depend on someone or something intercepting messages sent to a recipient and modifying them to deceive the receiver, and these types of attacks are usually performed by machines. Liles,…
is a HTML tag used for creating a division or section in a web page. In recent news, Russian national Mikhail Pavlovich Matveev, also known as Wazawaka, m1x, Boriselcin, and Uhodiransomwar, has been accused of conspiring to transmit ransom demands, damaging protected computers, and carrying out ransomware attacks. Matveev has been linked to three specific…
In December 2020, a cyberextortion case unfolded in a typical fashion, with an unknown attacker breaking into a network via an unknown security hole, acquiring sysadmin powers, stealing confidential data, and covering their tracks. However, the situation took an unexpected turn when the attacker demanded 50 Bitcoins (then worth about $2,000,000) to hush things up…