Clop Ransomware group claims the breach of The Washington Post

The Clop Ransomware group announced the hack of the prestigious American daily newspaper The Washington Post. The cybercrime group created a page for the newspaper on its Tor data leak site and announced it will leak the stolen data soon.

The group claimed the company was breached due to its neglect of security despite its responsibility to protect customers.

"The company doesn't care about its customers, it ignored their security."

In mid-October, the Clop Ransomware group claimed the breach of The Washington Post and added the American daily newspaper to its Tor data leak site.

Clop (aka Cl0p) is a prolific Russian-speaking ransomware-as-a-service group specializing in big-game hunting and double extortion.

The Clop ransomware group first appeared on the threat landscape around February 2019, emerging from the TA505 cybercrime group, a financially motivated gang active since at least 2014.

Like other Russia-based threat actors, Clop avoids targets in former Soviet countries, and its malware can't be activated on a computer that operates primarily in Russian.

Operators and affiliates identify high-value targets, steal sensitive data, encrypt networks, then publish stolen files on data-leak sites to pressure victims into paying. Clop exploits zero-days and vulnerable third-party software (e.g., MOVEit, GoAnywhere, Oracle EBS), leverages initial-access brokers and automation, and uses sophisticated evasion and lateral-movement techniques to maximize impact and monetization.

Clop's victims include Shell, British Airways, Bombardier, University of Colorado, PwC, and the BBC.

The group conducted major campaigns including

Pierluigi Paganini

(SecurityAffairs - hacking, The Washington Post)