The cybercriminal group used email spoofing to install malware on victims’ computers, which allowed them to divert large amounts of money to their accounts.
Attackers are targeting an old SQL injection vulnerability in SonicWall SRA.
The DEV-0322 group was previously observed targeting entities in the U.S. Defense Industrial Base Sector and software companies.
Some speculations suggest that REvil may have been targeted by authorities.
The security updates also fix a number of publicly disclosed but not exploited issues.
Customers' personal and financial information may have been compromised in the attack.
The company said the attacks exploiting CVE-2021-35211 affected only a small subset of its customers.
The malware abuses Open Broadcaster Software (OBS) Studio live streaming software to capture victims’ screens.
On Sunday, the company released VSA version 9.5.7a (9.5.7.2994) that fixes three security vulnerabilities - CVE-2021-30116, CVE-2021-30119, and CVE-2021-30120.
The attack disrupted the district’s IT operations leaving it unable to pay out welfare benefits.
Showing elements 2951 - 2960