Cyware Daily Threat Intelligence

Daily Threat Briefing • June 29, 2023
Another ransomware got Linux-ed! The threat actors behind the Akira ransomware have reportedly widened their range of targets by launching a Linux version of the ransomware. Akira is one of the fastest-growing ransomware variants and has already claimed at least 46 publicly disclosed victims across sectors. Today, also get an insight into how a scam ring known as CryptosLabs made approximately $525 million, running more than 350 domains hosted on over 80 servers to do it. Watch out before you fall for that attractive investment plan!
What if a hacker gets an admin role? It could have happened, had a bug in miniOrange's WordPress Social Login and Register plugin not been reported in time. The plugin is used by more than 30,000 WordPress sites.
Thousands of home addresses exposed
The U.S. Patent and Trademark Office (USPTO) unwittingly exposed the home addresses of approximately 61,000 individuals in a data breach. The addresses appeared in public records between February 2020 and March 2023. The agency confirmed that the same data was also present in the bulk datasets it publishes online to support academic and economic research.
Akira gets its Linux version
The relatively new Akira ransomware has broadened its operations to target Linux-based platforms. Cyble Research and Intelligence Labs (CRIL) came across the Linux version of the malware and reported that the group has 46 publicly disclosed victims. The group's attacks have spanned a broad spectrum of industries, including education, BFSI (banking, financial services, and insurance), professional services, and manufacturing.
File Explorer freeze error
Microsoft addressed a known issue that caused File Explorer to become unresponsive on Windows 11 and Windows Server systems when a user attempted to view a file's effective access permissions. The issue affected the latest Windows releases, including Windows 11 21H2/22H2 and Windows Server 2022.
Because the affected feature is mostly used in non-consumer environments, home users are less likely to be affected.
Bug exposes admin credentials
Arcserve, a data protection firm, fixed a high-severity flaw in its Unified Data Protection (UDP) backup software. The vulnerability, tracked as CVE-2023-26258, allows attackers to bypass authentication and obtain admin credentials. With those credentials, threat actors could carry out destructive actions against a target's data, such as wiping its backups.
Critical security lapse in WordPress plugin
miniOrange's Social Login and Register plugin for WordPress was found to contain a critical vulnerability. The plugin lets users log in to a WordPress site through popular social media platforms and other identity providers. The authentication bypass flaw could allow a threat actor to log in as any user, provided the attacker knows that user's email address. The affected plugin is used on more than 30,000 websites.
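The class of bug described above is the social-login equivalent of accepting a username without a password: the site maps an email address to a local account without checking that the identity provider actually vouched for that address. The example below is illustrative code added to this briefing, not the plugin's own code, and it does not claim to reproduce the plugin's exact defect; it shows a vulnerable callback handler beside a hardened one that only accepts an email carried inside a verified provider token. The user table, issuer, client ID and the HS256 shared-secret token (standing in for a real provider's RSA-signed OpenID Connect ID token) are assumptions.

```python
import base64
import hashlib
import hmac
import json
import time

# Constructed WordPress-style user table keyed by email (hypothetical data).
USERS = {
    "admin@example.com": {"id": 1, "role": "administrator"},
    "alice@example.com": {"id": 2, "role": "subscriber"},
}

# Assumed relying-party configuration (hypothetical values).
EXPECTED_ISSUER = "https://idp.example.net"
CLIENT_ID = "wp-site-client-id"


def vulnerable_social_login(callback_params):
    """Vulnerable pattern: the site trusts whatever email the callback names.

    Anyone who knows a victim's email address can post it and receive that
    user's session, because nothing proves the identity provider asserted it.
    """
    email = callback_params.get("email")
    return USERS.get(email)


def _b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _b64url_decode(text):
    padding = "=" * (-len(text) % 4)
    return base64.urlsafe_b64decode(text + padding)


def mint_id_token(claims, provider_secret):
    """Stand-in for the identity provider: issues an HS256-signed JWT.

    Real OIDC providers sign with RSA/ECDSA keys published via JWKS; a shared
    HMAC secret is used here only to keep the example self-contained.
    """
    header = _b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url_encode(json.dumps(claims).encode())
    signing_input = f"{header}.{payload}".encode()
    sig = hmac.new(provider_secret, signing_input, hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url_encode(sig)}"


def verify_id_token(token, provider_secret, now=None):
    """Return the verified claims, or None if anything about the token is wrong."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        if not isinstance(header, dict) or header.get("alg") != "HS256":
            return None                            # reject alg confusion ("none", etc.)
        signing_input = f"{header_b64}.{payload_b64}".encode()
        expected = hmac.new(provider_secret, signing_input, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
            return None                            # signature does not match
        claims = json.loads(_b64url_decode(payload_b64))
        if not isinstance(claims, dict):
            return None
    except (ValueError, TypeError, AttributeError):
        return None
    now = time.time() if now is None else now
    if claims.get("iss") != EXPECTED_ISSUER or claims.get("aud") != CLIENT_ID:
        return None                                # token meant for another site
    if not isinstance(claims.get("exp"), (int, float)) or claims["exp"] <= now:
        return None                                # expired or missing expiry
    if claims.get("email_verified") is not True:
        return None                                # provider never confirmed this email
    return claims


def hardened_social_login(callback_params, provider_secret, now=None):
    """Hardened pattern: map to a local account only via a verified provider assertion."""
    claims = verify_id_token(callback_params.get("id_token", ""), provider_secret, now)
    if claims is None:
        return None
    return USERS.get(claims.get("email"))
```

The point the hardened handler makes is that the email is never read from the request itself; it is read from a token whose signature, issuer, audience, expiry and `email_verified` claim have all been checked first, so knowing a victim's address buys an attacker nothing.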
Scammers made millions in investment scams
Security experts at Group-IB shared insights into a massive fake investment scheme run by CryptosLabs. The group has allegedly accumulated around $525 million since April 2018 by targeting French-speaking individuals in France, Belgium, and Luxembourg. Its infrastructure spans more than 80 servers and over 350 domains. The scammers often pose as the "investment division" of the legitimate organization they impersonate.