Ukrainian Police Nab Six Tied to CLOP Ransomware

Authorities in Ukraine this week charged six people alleged to have been part of the CLOP ransomware group, a cybercriminal gang said to have extorted more than half a billion dollars from victims. Some of CLOP’s victims this year alone include Stanford University Medical School, the University of California, and University of Maryland. Continue reading Ukrainian Police Nab Six Tied to CLOP Ransomware

Accellion hack ensnares Flagstar Bank, putting customer and employee data at risk

The Accellion hack has claimed another victim, this time a financial firm that boasts it’s the second-largest savings bank in the United States. Michigan-based Flagstar Bank recently began notifying affected customers that on Jan. 22, Accellion, an IT provider, relayed that a vulnerability in its file sharing platform had affacted Flagstar. The software flaw has led to breaches at firms around the world, with hackers exploiting the Accellion vulnerability to victimize grocery chain Kroger, cybersecurity company Qualys, the Reserve Bank of New Zealand, the state of Washington, prominent law firm Jones Day (which counts former President Donald Trump among its clients) and perhaps others. “Unfortunately, we have learned that the unauthorized party was able to access some of Flagstar’s information on the Accellion platform and that we are one of numerous Accellion clients who were impacted,” Flagstar said in a notice on its website. The Clop ransomware gang, alternately known […]

The post Accellion hack ensnares Flagstar Bank, putting customer and employee data at risk appeared first on CyberScoop.

Continue reading Accellion hack ensnares Flagstar Bank, putting customer and employee data at risk

FireEye IDs hacking group suspected in Accellion, Kroger breach

Security investigators have identified the hacking group suspected to be behind a data breach of an IT firm that has affected a number of corporations, law firms and other organizations in recent months.  Accellion, a software firm that provides file transfer services to more than 3,000 clients, on Monday said that UNC2546, a “criminal” attacker, had exploited multiple vulnerabilities in Accellion software to install malware. The group appeared to infiltrate an Accellion tool to gather information from Accellion clients, then contact victims, threatening to publish their stolen data. Mandiant, the incident response arm of the security vendor FireEye, made the determination that UNC3546 was behind the incident.  The breach at Accellion, uncovered on Dec. 23, involved an attacker leveraging a zero-day vulnerability to break into the Palo Alto-based cloud company’s secure file transfer application, or FTA.  “The motivation of UNC2546 was not immediately apparent, but starting in late January 2021, […]

The post FireEye IDs hacking group suspected in Accellion, Kroger breach appeared first on CyberScoop.

Continue reading FireEye IDs hacking group suspected in Accellion, Kroger breach