minute read
Share this article:
Information stolen in April 10 ransomware attack was posted on a dark web portal and includes private documents not published as part of public records.
The ransomware gang identified as DoppelPaymer has leaked a substantial collection of files from the Illinois Office of the Attorney General (OAG) on a server controlled by the cybercriminal group. The move came after ransom negotiations between the two parties broke down following a ransomware attack earlier this month, on April 10.
The leaked files include not only public information from court cases handled by the Illinois OAG, but also private documents that aren’t a part of the public record, according to security research firm Recorded Future, which detailed the leak in a post on its news portal The Record. The files contain personally identifiable information about state prisoners, their grievances and cases, according to the post.
minute read
Share this article:
The KDC-spoofing flaw tracked as CVE-2021-23008 can be used to bypass Kerberos security and sign into the Big-IP Access Policy Manager or admin console.
F5 Networks’ Big-IP Application Delivery Services appliance contains a Key Distribution Center (KDC) spoofing vulnerability, researchers disclosed – which an attacker could use to get past the security measures that protect sensitive workloads.
Join Threatpost for “Fortifying Your Business Against Ransomware, DDoS & Cryptojacking Attacks” a LIVE roundtable event on Wednesday, May 12 at 2:00 PM EDT for this FREE webinar sponsored by Zoho ManageEngine.
Specifically, an attacker could exploit the flaw (tracked as CVE-2021-23008) to bypass Kerberos security and sign into the Big-IP Access Policy Manager, according to researchers at Silverfort. Kerberos is a network authentication protocol that’s designed to provide strong authentication for client/server applications by using se