The CyberWire Daily Podcast 5.8.23
Ep 1818 | 5.8.23

Developments in the ransomware underworld: ALPHV, Akira, Cactus, and Royal. Some organizations remain vulnerable to problems with unpatched Go-Anywhere instances.

Show Notes

ALPHV claims responsibility for a cyberattack on Constellation Software. A new Akira ransomware campaign spreads. CACTUS is a new ransomware leveraging VPNs to infiltrate its target. Many organizations are still vulnerable to the Go-Anywhere MFT vulnerability. Russian hacktivists interfere with the French Senate's website. Keith Mularski from EY, details their "State of the Hack" report. Emily Austin from Censys discusses the State of the Internet. And ransomware gangs target local governments in Texas and California. 

Selected reading.

ALPHV gang claims ransomware attack on Constellation Software (BleepingComputer) 

Constellation Software hit by cyber attack, some personal information stolen (IT World Canada) 

Press Release of Constellation Software Inc. (GlobeNewswire News Room)

Meet Akira — A new ransomware operation targeting the enterprise (BleepingComputer)

New Cactus ransomware encrypts itself to evade antivirus (BleepingComputer) 

Pro-Russian Hackers Claim Downing of French Senate Website (SecurityWeek)

Dallas cyberattack highlights ransomware’s risks to public safety, health (Washington Post) 

Hacked: Dallas Ransomware Attack Disrupts City Services (Dallas Observer) 

City of Dallas Continues Battling Ransomware Attack for Third Day (NBC 5 Dallas-Fort Worth) 

San Bernardino County pays hackers $1.1 million ransom after cyber attack (Victorville Daily Press) 

San Bernardino County pays $1.1M ransom after cyberattack disrupts Sheriff's Department systems (ABC7 Los Angeles)

Atomic Data devastated by the unexpected death of CEO and co-owner Jim Wolford (Atomic Data)