According to the SEC, Blackbaud initially stated that the attackers had not gained access to donor bank account details or social security numbers. ( Bleeping Computer) Blackbaud to pay $3 million for misleading ransomware disclosureīack in 2020, cloud software provider Blackbaud suffered a ransomware attack which affected 13,000 customers from charities, foundations, non-profits, and universities in the US, Canada, the UK, and the Netherlands. While CISA didn’t confirm specific attacks, the issue is likely linked to the incident involving a LastPass senior DevOps engineer whose computer was hacked last year to install a keylogger and gain access to customer vault backups. Tracked as CVE-2020-5741, the flaw could allow threat actors with admin privileges to abuse the Camera Upload feature and remotely execute arbitrary Python code in low-complexity attacks. ( The Register) CISA warns of actively exploited Plex bug after LastPass breachĬISA has added a nearly three-year-old high-severity remote code execution (RCE) vulnerability in the Plex Media Server to its catalog of exploited security flaws. The FBI began investigating the operation back in 2020, creating accounts on its website, buying a subscription, and creating a custom NetWire instance using the builder tool. NetWire is capable of stealing passwords, keylogging, and remotely controlling infected devices. NetWire was first discovered in 2012 and cybercriminals commonly deliver the RAT through files attached to phishing emails. On the same day, federal authorities in Los Angeles seized the internet domain, and Swiss law enforcement seized the malware’s hosting server. On Tuesday, Croatian police arrested the suspected administrator of the site which sold the NetWire remote access trojan (RAT). FBI and international authorities catch a NetWire RAT
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |