Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 12 submissions in the queue.
posted by hubie on Friday November 17, @06:41PM   Printer-friendly
from the complaints-department-5000-miles-> dept.

https://arstechnica.com/security/2023/11/teens-with-digital-bazookas-are-winning-the-ransomware-war-researcher-laments/

What do Boeing, an Australian shipping company, the world's largest bank, and one of the world's biggest law firms have in common? All four have suffered cybersecurity breaches, most likely at the hands of teenage hackers, after failing to patch a critical vulnerability that security experts have warned of for more than a month, according to a post published Monday.

[...] All four companies have confirmed succumbing to security incidents in recent days, and China's ICBC has reportedly paid an undisclosed ransom in exchange for encryption keys to data that has been unavailable ever since.

[...] After the CitrixBleed exploit grants initial remote access through software known as Virtual Desktop Infrastructure, LockBit escalates its access to other parts of the compromised network using tools such as Atera, which provides interactive PowerShell interfaces that don't trigger antivirus or endpoint detection alerts. This access remains even after CitrixBleed is patched unless administrators take special actions.


Original Submission

 
This discussion was created by hubie (1068) for logged-in users only, but now has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by Whoever on Saturday November 18, @12:58AM (2 children)

    by Whoever (4524) on Saturday November 18, @12:58AM (#1333344) Journal

    Maybe that's what happens if you don't pay the ransom, AND you try to hide the attack, AND you're a publicly tiraded company.

    Maybe they figured that, if they could just keep the intrusion secret, it would not have a material effect on their business.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 3, Funny) by sgleysti on Saturday November 18, @03:03AM (1 child)

    by sgleysti (56) on Saturday November 18, @03:03AM (#1333354)

    Along similar lines: It's not racketeering if you use a bat.

    • (Score: 2) by DannyB on Monday November 20, @04:05PM

      by DannyB (5839) on Monday November 20, @04:05PM (#1333618) Journal

      Isn't a bat more effective than a racket?

      --
      NSA does only TARGETED surveillance. It's just that they target everyone.