Cl0p Claims the MOVEit Attack; Here's How the Gang Did It

A researcher guides Dark Reading through the most important bits of Cl0p's latest exploit. [TechWeb]( Follow Dark Reading: [RSS]( June 08, 2023 LATEST SECURITY NEWS & COMMENTARY [Cl0p Claims the MOVEit Attack; Here's How the Gang Did It]( A researcher guides Dark Reading through the most important bits of Cl0p's latest exploit. [Cl0p Cybercrime Gang Delivers Ultimatum After Payroll Breach]( Experts and researchers warn individuals and organizations that the cybercrime group is not to be trusted in their demands. [FBI: Sextortionist Campaigns Use Deepfakes to Target Children, Adults]( Threat actors are lifting public images and videos from the Internet, altering them, and posting them online in a new wave of sextortion campaigns. [Minecraft Malware Spreading Through Mods, Plug-ins]( A worm virus called "fracturizer" has been embedded in modpacks from various sites, including CurseForge and CraftBukkit. [The Case for a Federal Cyber-Insurance Backstop]( By stepping in to provide aid, the federal government could help protect companies, insurers, and the economy from the impact of a widespread, catastrophic cyberattack. [Cyber Essentialism & 'Doing Less With Less']( Cybersecurity benefits from a focus on the vital few chores rather than the trivial many. Find the "right things" to encourage strategic thinking, then move the culture needle to promote that policy. [Microsoft Fined $20M For Xbox Child Data Collection]( The FTC has demanded additional data privacy protections for kids using Xbox gaming systems, extending COPPA protections. [(Sponsored Article) How AI Can Help Organizations Adapt and Recover From Cyberattacks]( Incident response playbooks and frameworks are leaving defenders ill-equipped to recover from the increasing number of successful cyberattacks. Developments in AI offer a new way for stretched teams to manage security incidents and heal swiftly. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Google Drive Deficiency Allows Attackers to Exfiltrate Workspace Data Without a Trace]( No activity logging in the free subscription for Google's Web-based productivity suite exposes enterprises to insider and other threats, researchers say. [Streamers Ditch Netflix for Dark Web After Password Sharing Ban]( Disgruntled users are pursuing offers for "full Netflix access" at steeply discounted rates. [Filling the Gaps: How to Secure the Future of Hybrid Work]( By enhancing remote management and adopting hardware-enforced security, productivity can continue without inviting extra cyber-risk. [MORE]( EDITORS' CHOICE [Verizon DBIR: Social Engineering Breaches Double, Leading to Spiraling Ransomware Costs]( Ransomware continues its runaway growth with median payments reaching $50,000 per incident. LATEST FROM DR GLOBAL ['PostalFurious' SMS Attacks Target UAE Citizens for Data Theft]( SMS campaigns targeting members of the public in the United Arab Emirates have been detected. LATEST FROM THE EDGE [Name That Edge Toon: Spring Chickens]( Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card. LATEST FROM DR TECHNOLOGY [Defenders Buckle Up for a Future of Detecting Deepfakes]( Today technology companies have high success rates against generative AI-created voices and videos, but future detection will be much more difficult. WEBINARS - [Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy]( Threat intelligence -- collecting data about broad trends in online attacks -- helps security teams improve their defenses by identifying online exploits that have the potential to hit their organizations and to prioritize their security resources accordingly. But how should ... - [Mastering Endpoint Security: The Power of Least Privilege]( Join us at one of our upcoming live and interactive events we will explore the critical role of least privilege in endpoint security, how it helps to systematically strengthen organization's security posture, and provides a solid foundation for endpoint security ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [9 Traits You Need to Succeed as a Cybersecurity Leader]( - [AppSec Best Practices: Where Speed, Security, and Innovation Meet in the Middle]( - [A Buyer's Guide to Securing Privileged Access]( - [Top 5 Reasons to Prioritize Privileged Access Management]( - [A Security Leader's Guide to Leveraging MDR for Security Maturity and Development]( - [Large Insurer goes beyond Breach and Attack Simulation (BAS) with Cymulate]( - [Understanding Vulnerability Prioritization Technologies - From Generic VM to VPT]( [View More White Papers >>]( FEATURED REPORTS - [Everything You Need to Know About DNS Attacks]( - [Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks]( The most profound change to enterprise security with the rise of remote work is the way endpoint security has moved from last line of defense to being on the frontline. The user's endpoint is the first device attackers encounter, making ... - [The 10 Most Impactful Types of Vulnerabilities for Enterprises Today]( The enterprise attack surface is constantly expanding. Enterprises have to think beyond zero day vulnerabilities. It's imperative security teams start looking at vulnerabilities in 5G, firmware, edge, and ICS/OT, among others. Managing system vulnerabilities is one of the old ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [BioCatch Strengthens Collaboration With Microsoft Cloud for Financial Services]( [Radiflow's CIARA 4.0 Delivers Actionable Insights to Simplify the Management of OT Cyber-Risk at Industrial Facilities]( [BeyondID Launches Initiative to Accelerate Zero Trust With Okta Identity Engine]( [With SEC Rule Changes on the Horizon, Research Reveals Only 14% of CISOs Have Traits Desired for Cyber Expert Board Positions]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [Everything You Need to Know About DNS Attacks]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)