A surge in new multipoint extortion ransomware groups in 2023, connected to older ransomware operations, employ various tactics to coerce victims into paying a ransom, including data theft and threats of data publication.
BlackCat, a ransomware gang, has filed a complaint with the US Securities and Exchange Commission (SEC) accusing MeridianLink of non-compliance with data breach disclosure rules, despite the rules not being in effect at the time of the alleged breach.
Cybercriminals targeted individuals and organizations, posing as a charity for Palestine, to manipulate sympathy and solicit fraudulent donations during the crisis in Gaza and Israel.
DarkCasino, an economically motivated APT group, exploits a zero-day vulnerability in WinRAR software to launch malicious payloads, raising concerns about APT attacks in the second half of 2023.
Researchers at Protect AI and independent security experts have identified critical vulnerabilities in the infrastructure used by AI models on the Huntr Bug Bounty Platform, including high-severity bugs in platforms such as Ray, MLflow, ModelDB, and H20 version 3, potentially leading to server takeover and unauthorized access to AI models, with concerns of intellectual property theft and financial gain for cybercriminals.
Multiple cyberattack groups exploit a zero-day vulnerability in the Zimbra Collaboration Suite to steal email data, user credentials, and authentication tokens from government organizations worldwide.
