Hi friends,

We've got some important MOVEit updates to line up today, and a bunch of high-level breaches to look in to impacting the Swiss, Turkish and Chilean governements.

Enjoy perusing this week's issue, and have a wonderful day!

Dieter Van der Stock

Breaches and leaks

  • Private data of Turkish citizens was stolen from a e-gov service and offered for sale: link.
  • The Swiss governement disclosed a recent ransomware attack through a third-party supplier and is suffering from DDoS attacks: link.
  • The army of Chile was breached with data being leaked online: link.
  • The University of Manchester says hackers likely stole data in cyberattack: link.
  • Infotel JSC, a Russian telecom provider used by Russian banks, was taken down by Ukrainian hackers: link.
  • Zacks Investment Research has suffered a breach impacting 8.8 million customers: link.
  • St. Margaret's Health, an Illinois hospital, is permanently shutting down in part because of a 2021 ransomware attack: link.
Dieter Van der Stock

MOVEit update

There are a few items dealing with the MOVEit file transfer vulnerabilities:

  • Clop ransomware gang starts listing and extorting victims: here.
  • New critical flaws were found in the MOVEit software after a security audit, so make sure you have the latest patches: link.
  • A few days later MOVEit warns of yet another newly discovered vulnerability, so yeah, patch: link.
  • PoC code for the original vulnerability is now publicly available, so more attackers will get on this: link.
  • CISA says that the US gov has been hit several times, although interestingly Clop seems to hold itself to a promise of deleting USgov data and not publishing it: link.
Dieter Van der Stock