Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label MOVEit Transfer. Show all posts
Zero-day exploits
CLOP Data Breach Data Leak MOVEit Transfer Zero-day exploits

Sony Discloses Data Leak Affecting Thousands in the U.S.

 

Sony Interactive Entertainment (Sony) recently informed current and former employees, as well as their families, of a data breach that exposed private data. 

The company notified around 6,800 people about the data breach, confirming that the attack occurred when an unauthorised party exploited a zero-day vulnerability in the MOVEit Transfer platform. 

The Clop ransomware took advantage of the zero-day, CVE-2023-34362, a critical-severity SQL injection vulnerability that can result in remote code execution, in massive attacks that affected several organisations across the world. 

The intrusion took place on May 28, three days before Sony was informed of the vulnerability by Progress Software (the MOVEit vendor), according to the data breach notification, although it wasn't discovered until early June. 

The notice states that “on June 2, 2023, [we] discovered the unauthorized downloads, immediately took the platform offline, and remediated the vulnerability.” 

“An investigation was then launched with assistance from external cybersecurity experts. We also notified law enforcement,” Sony further explained in the data breach notification. 

Sony claims that the problem was confined to a particular software platform and had no bearing on any of its other systems. Yet 6,791 Americans' private data was compromised, including sensitive information. Although each letter from the firm contains a list of the exposed facts, the sample notification provided to the Office of the Maine Attorney General has them suppressed. 

Now that they have received a notification, the recipients can sign up for Equifax's identity protection and credit monitoring services by providing their special access code through February 29, 2024. 

Following claims on hacking forums that Sony had experienced another security breach and that 3.14 GB of data had been taken from the company's servers, the firm responded by stating that it was looking into the allegations. 

The SonarQube platform, certifications, Creators Cloud, incident response guidelines, a device emulator for creating licences, and other information were all included in the leaked material, which at least two distinct threat actors owned. 

The following statement, which a Sony representative provided to BleepingComputer, confirms a small security breach: A Sony spokesman confirmed the following security breach to BleepingComputer: 

"Sony has been investigating recent public claims of a security incident at Sony. We are working with third-party forensics experts and have identified activity on a single server located in Japan used for internal testing for the Entertainment, Technology and Services (ET&S) business. Sony has taken this server offline while the investigation is ongoing. 

There is currently no indication that customer or business partner data was stored on the affected server or that any other Sony systems were affected. There has been no adverse impact on Sony's operations." 

This proves that Sony experienced two security lapses during the previous four months.
Read more »
USA
Clop Ransomware Gang malware MOVEit Transfer USA

Massive Data Breach: Clop Ransomware Gang Targets MOVEit Transfer, Millions of Driver's Licenses at Risk

 

A significant data breach that took place last month has raised concerns about the potential vulnerability of individuals from Louisiana and Oregon, particularly in relation to identity theft and various cyberattacks. Americans residing in these states may face an increased risk of becoming victims to these malicious activities as a result of the breach. 

Recently discovered zero-day vulnerability (CVE-2023-34362) in the widely-used file transfer software MOVEit Transfer has caught the attention of the notorious Clop ransomware gang. They have wasted no time in exploiting this vulnerability. 

Considering the extensive adoption of MOVEit Transfer by major corporations spanning diverse industries such as finance, education, energy, IT, healthcare, and government organizations, the global repercussions of this data breach are already being experienced. 

In light of recent cyberattacks targeting MOVEit Transfer, a file transfer software used by significant entities such as the Louisiana Office of Motor Vehicles (OMV) and the Oregon Driver & Motor Vehicles Services, concerning revelations have emerged. 

Authorities in Louisiana and Oregon have issued warnings, indicating that the Clop ransomware gang managed to acquire a substantial volume of driver's licenses and other state-issued documents through these attacks. 

The breach's scale is estimated to affect millions of individuals in both states. At present, there is no evidence to indicate that the hackers responsible for the breach have made any use of, sold, shared, or released stolen data. 

Surprisingly, the Clop ransomware gang has publicly stated that they have deleted the pilfered government data in a post-breach announcement. However, the certainty of whether or not the group will fulfill its promise to delete the stolen government data remains unknown. 

To safeguard your personal data in the aftermath of the MOVEit data breach, here are important precautions to consider, particularly if you reside in Louisiana or Oregon: 

• Proceed with the assumption of data compromise: Operate under the assumption that your data may have been stolen by the Clop ransomware gang. 

• Stay vigilant with financial monitoring: Regularly review your bank statements, credit card transactions, and credit reports for any signs of a suspicious activity or potential identity theft. 

• Remain cautious of phishing attacks: Be alert to targeted phishing attempts that may leverage the stolen data to deceive you or extract personal information. Exercise caution when interacting with emails, links, and attachments, especially if they seem suspicious. 

• Evaluate identity theft protection services: If you were a subscriber to reputable identity theft protection services before the MOVEit breach, they may offer assistance in recovering your identity and mitigating financial losses resulting from fraud. 

• Enhance security measures: Update passwords for your online accounts regularly, using strong and unique combinations. Whenever possible, enable two-factor authentication to provide an additional layer of security. 

• Exercise discretion with personal information: Be mindful of sharing personal information online and limit it to trusted and secure platforms or organizations. Use discretion when providing sensitive details. 

• Educate yourself about identity theft prevention: Familiarize yourself with best practices for preventing identity theft, such as avoiding the sharing of personal information over unsecured networks, being cautious with social media sharing, and protecting physical documents containing sensitive data. 

• Stay informed through reliable sources: Keep yourself updated on any announcements or updates from relevant authorities or organizations regarding the breach. Rely on trusted sources of information to stay informed about the situation and recommended actions to take. 

Remember, these recommendations provide general guidance, and seeking advice from professionals or relevant authorities based on your specific circumstances is advisable. 

Additionally, it is advisable to read the following articles to gain a better understanding of the Clop ransomware gang and the impact of the attack on MOVEit Transfer software.





Read more »
Subscribe to: Posts (Atom)