IOTW: HTC confirms cyber attack as BlackCat ransomware gang teases stolen data | Cyber Security Hub

HTC Global Services has confirmed it suffered a cyber attack after the BlackCat ransomware group (also known as ALPHV) recently leaked photos of what it claimed to be data stolen from the IT services and business consulting company. The data includes passports, contact lists, emails and confidential documents. In a short statement posted on X (formerly Twitter), HTC said it has encountered a “cyber security incident” which it is investigating.
While little is currently known about the nature and extent of the incident, cyber security researcher Kevin Beaumont suggested that HTC was breached as a result of the Citrix Bleed vulnerability.
“HTC has experienced a cyber security incident. Our team has been actively investigating and addressing the situation to ensure the security and integrity of user data,” the firm’s statement read. “We’ve enlisted cyber security experts and are working to resolve it. Your trust is our priority.”
Commenting on the incident, Kennet Harpsøe, senior cyber analyst at cyber security company LogPoint, said that it appears that HTC is being actively extorted by the BlackCat/ALPHV group. “It’s unclear if BlackCat has hit HTC with ransomware and is thus engaging in double extortion or if they have simply skipped the ransomware and gone straight to extortion with leaked data. A strategy we have seen others employ lately.”
The probable initial attack vector – the Citrix Bleed vulnerability – was published in mid-October but has been actively exploited since at least August of this year, making it a zero day vulnerability, Harpsøe said. “This underscores the importance of patching published vulnerabilities but also that zero days are unavoidable, underscoring the need for defense in depth.”
The BlackCat/ALPHV ransomware group – known for employing some of the most ruthless extortion tactics ever seen, including leaking clinical photos of breast cancer patients – has been prolific in its malicious activity recently. Last month, the gang reported one of its victims to the US Securities and Exchange Commission (SEC) for failing to comply with a four-day cyber attack disclosure rule. The unprecedented move was an effort to exert more pressure on software company MeridianLink, from which BlackCat/ALPHV claimed to have stolen customer data and operational information.
In the same week, the group was tracked attacking corporations and public entities in the Americas and Europe in a malvertising campaign. A Russian-speaking affiliate of the gang adopted new attack tactics to infect targets – using Google Ads to deliver Nitrogen malware – according to eSentire research. The group was also behind the $100 million MGM Resorts cyber attack in September.

Cyber Security Hub, a division of IQPC
