Clop ransomware group claims to have hacked hundreds of companies globally by exploiting MOVEit Transfer vulnerability. The Clop ransomware group may have compromised hundreds of companies worldwide by exploiting a vulnerability in MOVEit Transfer software. MOVEit Transfer is a managed file transfer that is used by enterprises to securely transfer fi

Bitdefender researchers have discovered 60,000 different Android apps secretly installing adware in the past six months. Bitdefender announced the discovery of more than 60,000 Android apps in the past six months that were spotted installing adware on Android devices. The researchers discovered the hidden adware by using a recently announced anomaly de

Researchers from security firm Uptycs reported that threat actors linked to the Cyclops ransomware are offering a Go-based information stealer. The Cyclops group has developed multi-platform ransomware that can infect Windows, Linux, and macOS systems. In an unprecedented move, the group is also offering a separate information-stealer malware that can be

Last week two eastern Idaho hospitals and their clinics were hit by a cyberattack that temporarily impacted their operations. Last week the Idaho Falls Community Hospital was hit by a cyber attack that impacted its operations. Officials at the hospital confirmed that some clinics closed due to the cyber attack and some ambulances have been diverted to nea

Microsoft attributes the recent campaign exploiting a zero-day in the MOVEit Transfer platform to the Clop ransomware gang. The Clop ransomware gang (aka Lace Tempest) is credited by Microsoft for the recent campaign that exploits a zero-day vulnerability, tracked as CVE-2023-34362, in the MOVEit Transfer platform. Microsoft is attributing attacks expl

Play ransomware group claims responsibility for a ransomware attack that hit Globalcaja, one of the major banks in Spain. Globalcaja is a financial institution in the autonomous community of Castilla-La Mancha, it has more than 300 offices across Spain and provides banking services to more than half a million clients. Globalcaja was the victim of a Pla

A new ongoing Magecart web skimmer campaign abuse legitimate websites to act as makeshift command and control (C2) servers. Akamai researchers discovered a new ongoing Magecart web skimmer campaign aimed at stealing personally identifiable information (PII) and credit card information from users in North America, Latin America, and Europe. Magecart at

VMware’s Carbon Black Managed Detection and Response (MDR) team observed a surge of TrueBot activity in May 2023. Researchers at VMware’s Carbon Black Managed Detection and Response (MDR) team warn of a surge of TrueBot activity in May 2023. Truebot has been active since 2017 and some researchers linked it to the Silence Group, while a recent investiga

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Xplain hack impacted the Swiss cantonal police and FedpolZyxel published guidance for protecting devi

Several Swiss cantonal police, the army, customs and the Federal Office of Police (Fedpol) were impacted by the attack against IT firm Xplain.  Swiss police launched an investigation into the cyber attack that hit the Bernese IT company Xplain, which provides its services to several federal and cantonal government departments, the army, customs, and the F

Experts noticed that the new Linux ransomware BlackSuit has significant similarities with the Royal ransomware family. Royal ransomware is one of the most notable ransomware families of 2022, it made the headlines in early May 2023 with the attack against the IT systems in Dallas, Texas. The human-operated Royal ransomware first appeared on the threat

A new botnet malware dubbed Horabot is targeting Spanish-speaking users in Latin America since at least November 2020. Cisco Talos researchers were observed deploying a previously unidentified botnet, dubbed Horabot, that is targeting Spanish-speaking users in the Americas. The botnet is used to deliver a banking trojan and spam tool to the infected syste

After the recent ransomware attack, Point32Health disclosed a data breach that impacted 2.5 million Harvard Pilgrim Health Care subscribers. In April, the non-profit health insurer Point32Health took systems offline in response to a ransomware attack that took place on April 17. The insurer immediately launched an investigation into the incident with the

Threat actors are exploiting a zero-day flaw in Progress Software’s MOVEit Transfer product to steal data from organizations. Threat actors are actively exploiting a zero-day vulnerability in the Progress MOVEit Transfer file transfer product to steal data from organizations. MOVEit Transfer is a managed file transfer that is used by enterprises to sec

Researchers discovered spyware, dubbed SpinOk, hidden in 101 Android apps with over 400 million downloads in Google Play. The malicious module is distributed as a marketing SDK that developers behind the apps embedded in their applications and games, including those available on Google Play. Upon executing the module, the malware-laced SDK connects to