Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 16 submissions in the queue.
posted by hubie on Friday November 17, @06:41PM   Printer-friendly
from the complaints-department-5000-miles-> dept.

https://arstechnica.com/security/2023/11/teens-with-digital-bazookas-are-winning-the-ransomware-war-researcher-laments/

What do Boeing, an Australian shipping company, the world's largest bank, and one of the world's biggest law firms have in common? All four have suffered cybersecurity breaches, most likely at the hands of teenage hackers, after failing to patch a critical vulnerability that security experts have warned of for more than a month, according to a post published Monday.

[...] All four companies have confirmed succumbing to security incidents in recent days, and China's ICBC has reportedly paid an undisclosed ransom in exchange for encryption keys to data that has been unavailable ever since.

[...] After the CitrixBleed exploit grants initial remote access through software known as Virtual Desktop Infrastructure, LockBit escalates its access to other parts of the compromised network using tools such as Atera, which provides interactive PowerShell interfaces that don't trigger antivirus or endpoint detection alerts. This access remains even after CitrixBleed is patched unless administrators take special actions.


Original Submission

 
This discussion was created by hubie (1068) for logged-in users only, but now has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by mcgrew on Saturday November 18, @03:49PM

    by mcgrew (701) <publish@mcgrewbooks.com> on Saturday November 18, @03:49PM (#1333404) Homepage Journal

    ..."after failing to patch a critical vulnerability..."

    Looks like it's not closed source's fault this time to me. Don't you ever patch your Linux box? I did mine yesterday, a couple weeks ago I even had to boot it for a kernel patch. Yes, the way Microsoft patches makes one not want to, but that's different.

    And even lazy closed source users don't lose any data they've backed up. Anyone who doesn't back up is a brain-dead moron, or doesn't give a damn about their employer's data.

    --
    mcgrewbooks.com mcgrew.info nooze.org
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2