International Breaking News!
Quote: The nation’s cyber watchdog agency reported that the U.S. government was the target of a global hacking campaign that exploited a vulnerability in widely used software on June 15. However, the agency does not anticipate the attack to have a significant impact.
Eric Goldstein, the executive assistant director for cybersecurity at the U.S. Cybersecurity and Infrastructure Security Agency (CISA), said in a statement that several federal agencies had been compromised after the discovery of a vulnerability in the file transfer software MOVEit.
CISA did not identify the affected agencies or specify how they were affected. It did not respond promptly to requests for additional comment.
...
The online extortion group Cl0p, which has claimed responsibility for the MOVEit breach, has stated in the past that it would not use any data stolen from government agencies.
The group wrote that government agencies, cities, and police services shouldn’t worry because they had already erased the data.
...
The advisory aims to help organizations protect against the CL0P ransomware variant by providing essential information on its tactics and indicators.
The authorities recommend several actions to mitigate the cyber threats posed by CL0P ransomware. Organizations were advised to conduct an inventory of assets, identifying authorized and unauthorized devices and software.
...
The advisory includes information on recent activities of the CL0P Ransomware Gang, also known as TA505.
They exploited a previously unknown vulnerability in Progress Software’s MOVEit Transfer solution, infecting internet-facing web applications. The gang used a web shell named LEMURLOOT to steal data from underlying databases.
TA505 has previously targeted Accellion File Transfer Appliance devices and Fortra/Linoma GoAnywhere MFT servers.
...
Following the hacking of one of the agency’s law firms, a government agency in Australia in charge of keeping track of privacy violations was the target of a cyberattack.
After infiltrating the HWL Ebsworth database, the Russian hacker organization BlackCat, also known as AlphV, obtained information from the Office of the Australian Information Commissioner (OAIC), according to a June 15 report.
One of the biggest business law companies in Australia, HWL Ebsworth, offers expert assistance to the OAIC.
This comes after AlphV stole four terabytes of corporate data, including personnel information, in April.
...
Just a day before the Australian hack, a senior U.S. cybersecurity official warned that Chinese state hackers would “almost certainly” conduct aggressive cyberattacks to disrupt critical U.S. infrastructure, such as pipelines and railways, if a conflict breaks out with the United States.
At an event hosted by the Aspen Institute in Washington, Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, stated that Beijing is investing significantly in the development of cybertechnologies intended to sabotage U.S. infrastructure.
Quote: The Department of Energy and several other federal agencies were compromised in a Russian cyber-extortion gang’s global hack of a file-transfer program popular with corporations and governments, but the impact was not expected to be great, Homeland Security officials said Thursday.
But for others among what could be hundreds of victims from industry to higher education—including patrons of at least two state motor vehicle agencies—the hack was beginning to show some serious impacts.
Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, told reporters that unlike the meticulous, stealthy SolarWinds hacking campaign attributed to state-backed Russian intelligence agents that was months in the making, this campaign was short, relatively superficial and caught quickly.
...
Energy Department spokesperson Chad Smith said two agency entities were compromised but did not provide more detail.
Known victims to date include Louisiana’s Office of Motor Vehicles, Oregon’s Department of Transportation, the Nova Scotia provincial government, British Airways, the British Broadcasting Company and the UK drugstore chain Boots. The exploited program, MOVEit, is widely used by businesses to securely share files. Security experts say that can include sensitive financial and insurance data.
Louisiana officials said Thursday that people with a driver’s license or vehicle registration in the state likely had their personal information exposed. That included their name, address, Social Security number and birthdate. They encouraged Louisiana residents to freeze their credit to guard against identity theft.
The Oregon Department of Transportation confirmed Thursday that the attackers accessed personal information, some sensitive, for about 3.5 million people to whom the state issued identity cards or driver’s licenses.
The Cl0p ransomware syndicate behind the hack announced last week on its dark web site that its victims, who it suggested numbered in the hundreds, had until Wednesday to get in touch to negotiate a ransom or risk having sensitive stolen data dumped online.
The gang, among the world’s most prolific cybercrime syndicates, also claimed it would delete any data stolen from governments, cities, and police departments.
The parent company of MOVEit’s U.S. maker, Progress Software, alerted customers to the breach on May 31 and issued a patch. But cybersecurity researchers say scores if not hundreds of companies could by then have had sensitive data quietly exfiltrated.
Once again, members of the Five Eyes got hacked. And yes, I truly believe that the NOTAM failures in US and Canada plus the Royal Mail's services were just a first attempt at disrupting the Western World infrastructure.
Oh and wait to see what China did this time! You'd have to check out our Chinese Hackers thread to find out all about their latest hacking schemes.
"For God has not destined us for wrath, but for obtaining salvation through our Lord Jesus Christ," 1 Thessalonians 5:9
Maranatha!
The Internet might be either your friend or enemy. It just depends on whether or not she has a bad hair day.
My Original Stories (available in English and Spanish)
List of Compiled Binary Executables I have published...
HiddenChest & Roole
Give me a free copy of your completed game if you include at least 3 of my scripts!
Just some scripts I've already published on the board...
KyoGemBoost XP VX & ACE, RandomEnkounters XP, KSkillShop XP, Kolloseum States XP, KEvents XP, KScenario XP & Gosu, KyoPrizeShop XP Mangostan, Kuests XP, KyoDiscounts XP VX, ACE & MV, KChest XP VX & ACE 2016, KTelePort XP, KSkillMax XP & VX & ACE, Gem Roulette XP VX & VX Ace, KRespawnPoint XP, VX & VX Ace, GiveAway XP VX & ACE, Klearance XP VX & ACE, KUnits XP VX, ACE & Gosu 2017, KLevel XP, KRumors XP & ACE, KMonsterPals XP VX & ACE, KStatsRefill XP VX & ACE, KLotto XP VX & ACE, KItemDesc XP & VX, KPocket XP & VX, OpenChest XP VX & ACE