Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 12 submissions in the queue.
posted by hubie on Friday November 17, @06:41PM   Printer-friendly
from the complaints-department-5000-miles-> dept.

https://arstechnica.com/security/2023/11/teens-with-digital-bazookas-are-winning-the-ransomware-war-researcher-laments/

What do Boeing, an Australian shipping company, the world's largest bank, and one of the world's biggest law firms have in common? All four have suffered cybersecurity breaches, most likely at the hands of teenage hackers, after failing to patch a critical vulnerability that security experts have warned of for more than a month, according to a post published Monday.

[...] All four companies have confirmed succumbing to security incidents in recent days, and China's ICBC has reportedly paid an undisclosed ransom in exchange for encryption keys to data that has been unavailable ever since.

[...] After the CitrixBleed exploit grants initial remote access through software known as Virtual Desktop Infrastructure, LockBit escalates its access to other parts of the compromised network using tools such as Atera, which provides interactive PowerShell interfaces that don't trigger antivirus or endpoint detection alerts. This access remains even after CitrixBleed is patched unless administrators take special actions.


Original Submission

 
This discussion was created by hubie (1068) for logged-in users only, but now has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 5, Interesting) by DannyB on Friday November 17, @10:15PM (4 children)

    by DannyB (5839) on Friday November 17, @10:15PM (#1333333) Journal

    Ransomware group reports victim it breached to SEC regulators [arstechnica.com]

    Group tells SEC that the victim is in violation for not reporting it was hacked.

    One of the world’s most active ransomware groups has taken an unusual—if not unprecedented—tactic to pressure one of its victims to pay up: reporting the victim to the US Securities and Exchange Commission.

    The pressure tactic came to light in a post published on Wednesday on the dark web site run by AlphV, a ransomware crime syndicate that’s been in operation for two years. After first claiming to have breached the network of the publicly traded digital lending company MeridianLink, AlphV officials posted a screenshot of a complaint it said it filed with the SEC through the agency’s website. Under a recently adopted rule [sec.gov] that goes into effect next month, publicly traded companies must file an SEC disclosure within four days of learning of a security incident that had a “material” impact on their business.

    Maybe that's what happens if you don't pay the ransom, AND you try to hide the attack, AND you're a publicly tiraded company.

    --
    NSA does only TARGETED surveillance. It's just that they target everyone.
    Starting Score:    1  point
    Moderation   +3  
       Interesting=3, Total=3
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   5  
  • (Score: 2) by Whoever on Saturday November 18, @12:58AM (2 children)

    by Whoever (4524) on Saturday November 18, @12:58AM (#1333344) Journal

    Maybe that's what happens if you don't pay the ransom, AND you try to hide the attack, AND you're a publicly tiraded company.

    Maybe they figured that, if they could just keep the intrusion secret, it would not have a material effect on their business.

    • (Score: 3, Funny) by sgleysti on Saturday November 18, @03:03AM (1 child)

      by sgleysti (56) on Saturday November 18, @03:03AM (#1333354)

      Along similar lines: It's not racketeering if you use a bat.

      • (Score: 2) by DannyB on Monday November 20, @04:05PM

        by DannyB (5839) on Monday November 20, @04:05PM (#1333618) Journal

        Isn't a bat more effective than a racket?

        --
        NSA does only TARGETED surveillance. It's just that they target everyone.
  • (Score: 2) by sgleysti on Saturday November 18, @03:06AM

    by sgleysti (56) on Saturday November 18, @03:06AM (#1333355)

    The SEC report by the ransomware gang is by far the most interesting part of this story. X got hacked has ceased to be news to me and always recalls to mind an early scene from the movie Hackers:

    Dade's Mom: You hooked it up to the phone, didn't you? Dade! Turn the shower off! You screw up again and you won't get into college!