News

Wisconsin teenager Joseph Garrison has pleaded guilty to his involvement in a scheme to access user accounts at a fantasy sports and betting website. According to court documents, on November 18, 2022, Garrison launched a credential stuffing attack against the betting site, obtaining access to approximately 60,000 user accounts. The defendant and others then stole about $600,000 from approximately 1,600 victim accounts, by adding a new payment method to the accounts, depositing $5 to each…

Read More

The Biden for President campaign is searching for a Chief Information Security Officer (CISO) to lead its IT and security division. The campaign said the incoming cybersecurity chief will work to “define the organization’s risk appetite” and direct the formulation and execution of strategic cybersecurity and IT initiatives across the campaign.  Back in 2020, the campaign hired former White House cybersecurity adviser Chris DeRusha as its first CISO amidst reports that hackers linked to foreign…

Read More

It’s been said “you cannot control the outcome, but you can control the process.” In today’s world of the “assume-breach” security posture, this has never been more true. Especially when it comes to third-party privilege, one of the most significant attack vectors organizations face.  Watch this webinar from Saviynt and SecurityWeek for advice on how to create more trust in your third party relationships by adding sustainable processes and tools that enable you to control…

Read More

The Royal ransomware gang has targeted at least 350 organizations worldwide, with their ransom demands exceeding $275 million, and the cybercriminals may be preparing to rebrand their operation, the US cybersecurity agency CISA and the FBI say in an updated alert. Active since at least September 2022, Royal has been used in attacks against entities in critical infrastructure, education, healthcare, and manufacturing sectors, making ransom demands ranging between $1 million and $11 million, in Bitcoin.…

Read More

The ransomware and data extortion group RansomedVC announced plans to shut down the project and sell parts of its infrastructure. RansomedVC has only been around for a few months, operating under the ransomware-as-a-service (RaaS) business model. The group has listed more than 40 organizations on its leak site, demanding ransom payments of up to $1 million, depending on the victim’s size. The group mainly focuses on organizations in Europe, but recently claimed responsibility for attacks…

Read More

Canadian attack surface management firm Cavelo has raised CA$5 million (approximately US$3.6 million) in a seed funding round that brings the total raised by the company to CA$6.3 million (roughly US$4.5 million). The new investment round was led by Inovia Capital, with participation from Graphite Ventures and other existing investors. Founded in 2020, the Waterloo-based cybersecurity startup provides organizations with the necessary means to scan their environments for data that might be at risk in…

Read More

SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under the radar. We provide a valuable summary of stories that may not warrant an entire article, but are nonetheless important for a comprehensive understanding of the cybersecurity landscape. Each week, we will curate and present a collection of noteworthy developments, ranging from the latest vulnerability discoveries and emerging attack techniques to significant policy changes and…

Read More

A class action lawsuit has been filed against Intel over its handling of speculative execution vulnerabilities found in its CPUs, particularly the recently disclosed attack method named Downfall.  A 112-page class action complaint was filed this week by plaintiffs represented by Bathaee Dunne. News of a Bathaee Dunne-led lawsuit against Intel over the Downfall vulnerability emerged in late August, when the law firm announced that it was preparing to file a complaint. The plaintiffs say…

Read More

The FBI has released a fresh warning on ransomware operators compromising third-party vendors and services to abuse them for initial access to victim environments. Threat actors have been observed exploiting vulnerabilities in vendor-controlled remote access to servers and abusing legitimate system management tools to elevate permissions in victim organizations’ networks, the Bureau says. “The FBI continues to track reporting of third-party vendors and services as an attack vector for ransomware incidents,” the agency notes in…

Read More