Aggregator

After Disrupting Ascension Health, Black Basta Forecast Reprisals From FBI, Moscow
"We are pentesters, not murderers," ransomware group Black Basta claimed in its negotiations with victim Ascension Healthcare in May 2024, after its attack led to widespread disruptions and patient safety alerts. Leaked chat logs reveal the group feared resulting reprisals from the FBI and Moscow.

Also: U.S. Health Data Privacy Crackdowns, Reality vs. Hype of LLMs in Security
In this week's update, four editors with ISMG explore the crumbling state of ransomware group Black Basta and implications for other cybercrime gangs, the expanding impact of U.S. health data privacy laws, and whether large language models are truly what they seem.

Researchers: Ransomware Group Emerged Last Fall; Variant of Babuk Malware
A new ransomware gang, Termite, has started leaking on the dark web samples of sensitive data stolen in an attack on Australian fertility clinic Genea. A court has issued a restraining order in hopes of preventing the threat actor or others from further disseminating, using or publishing the data.

Model Appears to Be a Way Station on the Road to Something Greater
OpenAI on Thursday released its latest generative AI model, but don't call it the next big thing just yet. More thoughtful, persuasive and emotionally intelligent, GPT-4.5 aims to feel less like an algorithm and more like a conversation partner.

Current and Former Officials Express Optimism, Concerns Over Cyber Leadership Picks
Top leadership at the U.S. Cybersecurity and Infrastructure Security Agency may be coming into view as the Trump administration has begun attaching names to senior positions. Karen Evans will be executive assistant director for cybersecurity.

Ransomware Attack Update for 28th of February 2025

A vulnerability was found in HasThemes HT Politic Plugin up to 2.4.4 on WordPress. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-51673. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in TemplatesCoder Sastra Essential Addons for Elementor Plugin up to 1.0.5 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-51674. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in WP Experts Team WP Easy Recipe Plugin up to 1.6 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-51622. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in WP Delicious Delisho Plugin up to 1.0.6 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-51676. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as problematic was found in Kaedinger Audio Comparison Lite Plugin up to 3.4 on WordPress. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-51627. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in EzyOnlineBookings Online Booking System Widget Plugin up to 1.3 on WordPress. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-51628. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in AOL Server 3.2. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation with the input ... leads to path traversal. This vulnerability is handled as CVE-2001-0205. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Hackers reveal security flaws in smart solar systems, exposing risks to national power grids as global reliance on solar energy grows. DW investigated the risks of cyber attacks exploiting vulnerabilities in smart solar systems while the demand for solar energy grows. The German news outlet DW interviewed hackers who’ve exposed security flaws in rooftop installations […]