The Week in Ransomware – July 21st 2023 – Avaddon Back as NoEscape
This edition of the Week in Ransomware covers the last two weeks of news, as we could not cover it
Stolen Azure AD key offered widespread access to Microsoft cloud services
The Microsoft private encryption key stolen by Storm-0558 Chinese hackers provided them with access far beyond the Exchange Online and
Netscaler ADC bug exploited to breach US critical infrastructure org
The US government is warning that threat actors breached the network of a U.S. organization in the critical infrastructure sector
Clop gang to earn over $75 million from MOVEit extortion attacks
The Clop ransomware gang is expected to earn between $75-100 million from extorting victims of their massive MOVEit data theft
Amazon agrees to $25 million fine for Alexa children privacy violations
The U.S. Justice Department and the Federal Trade Commission (FTC) announced that Amazon has agreed to pay a $25 million
CISA: Citrix RCE bug exploited to breach critical infrastructure org
Threat actors have breached the network of a U.S. organization in the critical infrastructure sector after exploiting a zero-day RCE
VirusTotal apologizes for data leak affecting 5,600 customers
VirusTotal apologized on Friday for leaking the information of over 5,600 customers after an employee mistakenly uploaded a CSV file
GitHub warns of Lazarus hackers targeting devs with malicious projects
GitHub is warning of a social engineering campaign targeting the accounts of developers in the blockchain, cryptocurrency, online gambling, and