Cyber Security Today, Oct. 13, 2023 – A ransomware gang offers cash for employees to betray their firms

Share post:

A ransomware gang offers cash for employees to betray their firms.

Welcome to Cyber Security Today. It’s Friday, October 13th, 2023. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com and TechNewsday.com in the U.S.

Cyb er Security Today on Amazon Alexa Cyber Security Today on Google Podcasts Subscribe to Cyber Security Today on Apple Podcasts

 

The Everest ransomware group is again trying to lure employees to help it compromise their firm in exchange for cash. The Register reports that in a new post on its dark web victim blog the gang promises a “good percentage” of any profits it gets from a successful attack to employees that hand over their access for infiltration. In particular they’re looking for greedy people in the U.S. Canada and Europe. It isn’t clear if the gang is adding to its toolkit by selling the access it gets to other gangs or it wants to use the access to spread its ransomware.

A Western U.S. housing authority has allegedly been compromised by a ransomware gang. The NoEscape group lists the authority on its site, says a news story on Databreaches.net. The claim has not been verified.

Two weeks ago Progress Software urged administrators overseeing its WS_FTP file transfer software to patch the application fast to close a vulnerability. Yesterday researchers at Sophos Group said those that haven’t patched will be in trouble. A ransomware gang called Reichsadler Cybercrime Group is trying to exploit unpatched installations of the server. Progress Software is also the developer of another file transfer suite called MOVEit.

On a similar line, Microsoft warned that a nation-state threat actor is trying to exploit an unpatched vulnerability in Atlassian’s Confluence server. This group has been at it since September 14th. A patch for that hole has been available for over a week, so there’s no excuse for your server to be hit now.

WordPress administrators are being warned to watch their sites for a backdoor that slipped into their content management application. It works as a standalone script and pretends to be a plug-in. The alert comes from researchers at Wordfence, who say the malware has the ability to create an admin account. The report doesn’t say how the malware gets installed, but possibly an employee downloaded something that looks like a legitimate plug-in. One way to fight this is make sure staff are restricted in what they can add to WordPress.

West Texas Gas, an energy provider in Texas and Oklahoma, is notifying over 56,000 customers that some of their personal information was stolen in May. Data taken includes names, debit or credit card numbers as well as the security codes, access codes or passwords for their accounts.

Former Uber CEO Joe Sullivan is appealing his conviction earlier this year of obstruction of justice in connection with the massive 2016 data breach at the ride-sharing company. Prosecutors said he withheld information about that incident from the Federal Trade Commission, which was investigating a 2014 data theft.

Finally, Apple has released more security updates, this time for older iPhones, iPads and iPad minis still eligible for patches. Make sure your device is at least running version 16.7.1 of the operating system.

That’s it for now. But later today the Week in Review podcast will be out. Guest commentator David Shipley of Beauceron Security will be here to talk about the SEC’s investigation into the huge number of MOVEit hacks, data thefts from DNA testing service 23andMe and more.

Links to details about news in every podcast episode are in the text version at ITWorldCanada.com. That’s where you’ll also find other stories of mine.

Follow Cyber Security Today on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.

The post Cyber Security Today, Oct. 13, 2023 – A ransomware gang offers cash for employees to betray their firms first appeared on IT World Canada.
Howard Solomon
Howard Solomonhttps://www.itworldcanada.com
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Cyber Security Today, Week in Review for week ending Friday, Feb. 23, 2024

This episode features discussion on the takedown of the LockBit ransomware gang

Breaking news: RCMP facing ‘alarming’ cyber attack

The RCMP is facing a serious cyber attack from an unspecified threat actor. The Mounties told CBC News today that a “breach of this magnitude is alarming.” “The situation is evolving quickly but at this time, there is no impact on RCMP operations and no known threat to the safety and security of Canadians,” a spokesperson

Hashtag Trending Feb.23- Companies losing top talent with long hiring processes; Intel – the “foundry for the world?”; AT&T outage

(PRE MUSIC ANNOUNCEMENT) If you know me, you know I’m passionate about three things – music, books and data. My interview on the weekend edition hits two of those passions. I read a book called Winning with Data Science, and it blew me away. So, I reached out and managed to get one of the

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways