
This Month in Cybersecurity News

 

It’s been a summer of cybersecurity headlines, and today we’re rounding up some of the news stories that made waves in August.

1. Qakbot botnet dismantled after infecting over 700,000 computers 

Source: Bleeping Computer

On Tuesday, the FBI announced that the notorious Qakbot botnet had finally been taken out with the help of law enforcement agencies from multiple countries. Qakbot was one of the largest and longest-running botnets plaguing the internet, and during its time online it managed to deploy more than 40 ransomware attacks and infect 700,000 computers. Qakbot was an initial attack method for a number of ransomware gangs. After accessing parts of the botnet’s infrastructure, law enforcement was able to deploy an uninstaller that removed ransomware on victims’ computers. They also recovered $9 million in cryptocurrency, which they plan to return to victims.

Read the Article 

2. MOVEit, the biggest hack of the year, by the numbers 

Source: TechCrunch

New data on the MOVEit Transfer software breach finds that 1,000 known organizations have fallen victim to the hack, affecting an estimated 60 million individuals. TechCrunch reports that this makes the MOVEit Transfer hack the largest hack of 2023 thus far. MOVEit Transfer is a managed file service from Progress, and is used by thousands of organizations around the world to transmit sensitive data on the internet.

In May, Progress announced that its MOVEit Transfer platform was affected by a zero-day vulnerability. Ransomware groups, particularly the Clop group, took that as their green light to raid servers and begin stealing data. The majority of attacks observed are on organizations in the U.S. (83%), and according to industry analysis from the Censys Research Team, one-third of hosts running vulnerable MOVEit servers belong to financial service-related organizations. Our research also found that 15.95% of hosts were associated with the healthcare sector, 8.92% were associated with information technology organizations, and 7.5% were attributed to the government and military.

Read the Article 

3. Hacking group KittenSec claims to ‘pwn anything we see’ to expose corruption 

Source: Cyberscoop

A new hacking group, “KittenSec,” says that it attacked a number of government and private computer systems in NATO countries this month. KittenSec says that its primary purpose is to expose corruption. Reporting from Cyberscoop, however, suggests that the group has loose boundaries on what it will and won’t hack. A spokesperson for KittenSec told Cyberscoop that they “always manage to pwn anything we want,” but that it’s “mostly because of corruption.” So far the group has posted links to data from targets in France, Italy, Greece, and a handful of other countries. KittenSec says they’re a group of about a dozen members and that they are not affiliated with any specific country.

Read the Article

4. For the first time, U.S. government lets hackers break into satellite in space

Source: Politico

Earlier this month, DEFCON hosted its first-ever “Hack-a-Sat” competition, sponsored by the U.S. Air Force and Space Force. Teams of hackers were invited to participate in “the world’s first Capture-the-Flag in space.” They were asked to attempt to take control of an actual satellite orbiting Earth and complete a series of challenges, like hacking into the satellite’s camera to take photos. The unique hacking challenge is part of the government’s broader effort to bolster its cybersecurity defenses in the sky and identify security gaps. It also comes as many are calling for satellites, which are instrumental in providing internet access and GPS to a wide range of industries, to officially be designated as critical infrastructure.

Read the Article 

5. Duolingo data breach exposes 3 million user emails

Source: IoT World Today

New evidence reveals that nearly 3 million user emails were compromised as part of the Duolingo data breach in January. It was originally believed that just user names had been hacked. However, email addresses are now appearing for sale on hacking forums. Emails are typically being sold with additional information about users’ names, country or bio, profile picture, and language, which could increase the risk of personalized phishing attacks. One-third of affected Duolingo accounts are based in the U.S.

Read the Article

 

Interested in more cybersecurity news? Check back in at the end of each month for a fresh news roundup. You can also subscribe to our blog below to stay up-to-date with the latest Censys research, thought leadership, and product updates.

 
