SecurityWeek
Police Dismantle Major Ukrainian Ransomware Operation...
Police from several countries have dismantled a major Ukraine-based ransomware operation and arrested...
Security Affairs
Daixin Team group claimed the hack of North Texas Municipal Water District
The Daixin Team group claims to have hacked the North Texas Municipal Water District (US) and threatened to leak the stolen data.
Cyber Security News
Ardent Health Ransomware Attack: Multiple Hospitals Affected...
...were affected by an information Technology cybersecurity incident which has been determined as a Ransomware...
The Hacker News
Key Cybercriminals Behind Notorious Ransomware Families Arrested in Ukraine...
A coordinated effort led to the arrest of key figures in Ukraine linked to various ransomware attacks...
SecurityWeek
Ardent Hospitals Diverting Patients Following Ransomware Attack...
...Ransomware attack forces Ardent hospitals to shut down systems, impacting clinical and financial operations...
Infosecurity News
Ukraine Police Dismantle Major Ransomware Group...
Affiliate deployed LockerGoga, MegaCortex, Hive and Dharma
Security Affairs
Healthcare provider Ardent Health Services disclosed a ransomware attack...
The US Healthcare provider Ardent Health Services disclosed that it was the victim of a ransomware attack...
The Record
High-profile ransomware gang suspects arrested in Ukraine...
...essentially neutralized a group known for deploying variants of LockerGoga, MegaCortex, Hive and Dharma ransomware...
The Record
English council spent £1.1 million recovering from ransomware attack...
Gloucester's local government released the expense figures related to a 2021 attack. The council had received a formal reprimand from the Information Commissioner's Office in August.
Infosecurity News
Cybersecurity Incident Hits Fidelity National Financial
The Alphv/BlackCat ransomware group has claimed responsibility for the attack...
SecurityWeek
Henry Schein Again Restoring Systems After Ransomware Group Causes More Disruption...
Healthcare solutions giant Henry Schein is once again restoring systems after ransomware group claims...
SecurityWeek
Hacktivism: What’s in a Name… It May be More Than You Expect
Hacktivists should be treated as malicious hackers because the distance between hacking/activism, malevolence, and damage is too small and too vague.
SecurityWeek
Fidelity National Financial Takes Down Systems Following Cyberattack
Fidelity National Financial is experiencing service disruptions after systems were taken down to contain a cyberattack.
SecurityWeek
UK, Korea Warn of DPRK Supply Chain Attacks Involving Zero-Day Flaws
UK and Korea say DPRK state-sponsored hackers targeted governments, defense organizations via supply chain attacks.
Latest Hacking News
New Alerts Issued For CitrixBleed Flaw Following Active Exploits
Given the continuous rise in active exploitation of the now-known CitrixBleed flaw, governments issued new alerts to patch unpatched Netscaler systems. The recent alerts originate from the Government of Australia and the United States, alongside
The Record
Multiple hospitals divert ambulances after ransomware attack on parent company...
Ardent Health Services confirmed that it was responding to an incident. Hospitals in Texas, Idaho, Oklahoma, New Mexico and New Jersey reported problems over several days.
The Record
Notorious ransomware gang takes credit for cyberattack on Fidelity National Financial...
The AlphV/Black Cat group claimed it breached Fidelity National Financial, a Fortune 500 provider of title insurance for property sales.
The Record
Pennsylvania water authority hit with cyberattack allegedly tied to pro-Iran group
A water authority in Pennsylvania reportedly suffered a cyberattack, prompting officials to reassure people in the area that drinking water has not been affected by the incident.
The Record
Suspected Hamas-linked hackers target Israel with new version of SysJoker malware
Cybersecurity companies Check Point and Intezer analyzed what appears to be a rewrite of backdoor malware that targeted Israel's education sector as early as 2021.
Security Affairs
Security Affairs newsletter Round 447 by Pierluigi Paganini
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
Security Affairs
Rhysida ransomware gang claimed China Energy hack...
The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China...
SecurityWeek
North Korean Software Supply Chain Attack Hits North America, Asia
North Korean hackers breached a Taiwanese company and used its systems to deliver malware to the US, Canada, Japan and Taiwan in a supply chain attack.
Infosecurity News
CISA Launches Project to Assess Effectiveness of Security Controls
Relaunched working group aims to tackle scourge of ransomware...
The Record
Vanderbilt University Medical Center investigating cybersecurity incident
Vanderbilt University Medical Center said it is investigating a cybersecurity incident that led to the compromise of a database.
The Record
Potentially hundreds of UK law firms affected by cyberattack on IT provider CTS
The managed service provider CTS confirmed it had experienced a "cyber-incident." At least one report said the CitrixBleed bug was involved.
The Record
North Korean supply chain attacks prompt joint warning from Seoul and London
The alert came as the two governments announced a new strategic cyber partnership “to disrupt and deter DPRK malicious cyber capabilities and activities that contribute to its WMD programs.”
Infosecurity News
InfectedSlurs Botnet Resurrects Mirai With Zero-Days
The investigation conducted by Akamai in late October 2023 revealed a specific HTTP exploit path
Security Affairs
Welltok data breach impacted 8.5 million patients in the U.S.
Healthcare services provider Welltok disclosed a data breach that impacted nearly 8.5 million patients in the U.S.
Infosecurity News
University of Manchester CISO Speaks Out on Summer Cyber-Attack
University of Manchester CISO Heather Lowrie shared how the institution tackled a major data breach earlier in 2023
Infosecurity News
British Library: Ransomware Attack Led to Data Breach...
Reports suggest employee data is up for sale
Security Affairs
Automotive parts giant AutoZone disclosed data breach after MOVEit hack
American retailer and distributor of automotive parts and accessories AutoZone discloses a data breach after a MOVEit attack
Cyber Security News
Citrix Warns Admin to Kill Active or Persistent Sessions to Thwart Hackers
This vulnerability affected Citrix NetScaler Gateway and ADC devices. Following this, AssetNote published a proof-of-concept for this vulnerability named “CitrixBleed.”
CSO
Cyberattacks on Israel intensify as the war against Hamas rages: Check Point
Cyberattacks have grown in frequency as well as sophistication as the Israel-Hamas conflict intensifies.
The Record
Kansas Supreme Court: Hackers stole records, confidential files in October attack
Hackers who attacked the Kansas court system last month stole records and confidential files, according to the state's Supreme Court.
CSO
9 in 10 organizations have embraced zero-trust security globally
Nearly all of them still have a long way to go according to a new Cisco report.
DarkReading
Scattered Spider Hops Nimbly from Cloud to On-Prem in Complex Attack
The actor behind the high-profile MGM incident jumps across segmentations in under an hour, in a ransomware...
SecurityWeek
185,000 Individuals Impacted by MOVEit Hack at Car Parts Giant AutoZone
Car parts giant AutoZone says nearly 185,000 individuals were impacted by a data breach caused by the MOVEit hack.
Infosecurity News
LockBit Affiliates Exploiting Citrix Bleed, Government Agencies Warn
Multiple threat actor groups are found to be exploiting a vulnerability in Citrix NetScaler gateway appliances, government agencies have warned
SecurityWeek
Kansas Officials Blame 5-Week Disruption of Court System on ‘Sophisticated Foreign Cyberattack’
...court system said it would take several weeks to return to normal operations after a disruptive ransomware...
SecurityWeek
Citrix, Gov Agencies Issue Fresh Warnings on CitrixBleed Vulnerability
Administrators are urged to patch the recent CitrixBleed NetScaler vulnerability as LockBit starts exploiting it.
Latest Hacking News
Canada Government Admits Data Breach Impacting Public Employees
The Government of Canada recently admitted suffering a security breach that impacted data of current and former public employees. The incident even affected the staff from the Royal Canadian Mounted Police and Canadian Armed Forces. Canada
Security Affairs
Citrix provides additional measures to address Citrix Bleed
Citrix urges admins to kill NetScaler user sessions after patching their appliances against the CVE-2023-4966 Citrix Bleed vulnerability.
CSO
Flaw in Citrix software led to the recent cyberattack on Boeing: Report
Malicious elements, including LockBit 3.0, managed to exploit vulnerabilities in Citrix software even after they were fixed.
The Hacker News
LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In...
LockBit ransomware affiliates are exploiting the Citrix NetScaler flaw ("Citrix Bleed") to hijack user...
The Record
Australia drops plans to ban ransomware payments in new national cyber strategy...
The Australian government had floated the idea of criminalizing ransomware payments by businesses. ... Instead, it plans to require them to disclose when they have been hit by a ransomware attack.
The Record
Cyberattackers leaked data of 27,000 NYC Bar Association membersers
The Clop ransomware gang claimed to have attacked the organization in January.
The Record
Serbian civilians targeted with Pegasus on eve of national elections
Two international NGOs analyzed mobile devices belonging to two Serbians and found traces of spyware attack attempts.
DarkReading
Exploit for Critical Windows Defender Bypass Goes Public
Threat actors were actively exploiting CVE-2023-36025 in Windows SmartScreen as a zero-day vulnerability before Microsoft patched it in November.
.webp)
Cyber Security News
Rhysida Ransomware Attacking Windows Machine Through VPN Devices and RDP...
Rhysida, a new ransomware group, hit its first victim in May 2023. ... They use their ransomware, offered as RaaS (Ransomware-as-a-Service), with at least 50 global victims...
Infosecurity News
DarkGate and PikaBot Activity Surge in the Wake of QakBot Takedown
DarkGate and PikaBot have been observed as part of phishing campaigns using the same tactics as the ones used by QakBot perpetrators
The Hacker News
Play Ransomware Goes Commercial - Now Offered as a Service to Cybercriminals...
Play ransomware has turned into Ransomware-as-a-Service (RaaS), allowing other cybercriminals to use...
Cyber Security News
Hackers Attacking Apache Web Servers to Install Coinminers
An attack campaign that installs XMRig Coinminer on Windows web servers that run on Apache has been discovered recently.
SecurityWeek
CISA Offering Free Cybersecurity Services to Non-Federal Critical Infrastructure Entities
New CISA pilot program brings cutting-edge cybersecurity services to critical infrastructure entities that need support.
SecurityWeek
Canadian Military, Police Impacted by Data Breach at Moving Companies
Data breaches at two moving companies impacts Canadian government employees, and military and police personnel.
The Hacker News
New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks
New variant of Agent Tesla malware identified. It's a keylogger and remote access trojan (RAT) offered as part of a malware-as-a-service (MaaS) model.
Cyber Security News
Hackers Infect Linux Machines with Rootkits via Apache ActiveMQ Vulnerability
Trend Micro researchers recently revealed Apache ActiveMQ vulnerability (CVE-2023-46604) was actively exploited.
CyberSecurity Dive
Companies are getting smarter about cyber incidents
Although incidents are up and risks are expanding, businesses are better prepared to send threat actors away empty-handed, a specialist says.
CSO
MOVEit carnage continues with over 2600 organizations and 77M people impacted so far
The number of companies impacted by one of the biggest cyberattack incidents of the year continues to grow.
The Record
‘Citrix Bleed’ vulnerability targeted by nation-state and criminal hackers: CISA
The bug has caused alarm for weeks as cybersecurity experts warned that many government agencies and major companies were leaving their appliances exposed to the internet — opening themselves up to attacks.
The Record
Binance agrees to pay $4.3 billion for money laundering violations, CEO steps down
Binance, the largest cryptocurrency exchange in the world, agreed to pay more than $4 billion in settlements with several U.S. law enforcement agencies after years of investigations uncovered widespread criminal use of the platform.
DarkReading
Proof of Concept Exploit Publicly Available for Critical Windows SmartScreen Flaw
Threat actors were actively exploiting CVE-2023-36025 before Microsoft patched it in November.
Security Affairs
Canadian government impacted by data breaches of its contractors
The Canadian government discloses a data breach after threat actors hacked two of its contractors.
Security Affairs
Rhysida ransomware gang is auctioning data stolen from the British Library...
The Rhysida ransomware group claimed responsibility for the recent cyberattack on the British Library...
Latest Hacking News
Google Workspace Vulnerabilities Risk Security Breaches – Warn Researchers
Researchers have found numerous security vulnerabilities in Google Workspace that risk breaches. While the vulnerabilities pose a serious threat to the users, Google denies fixing the bugs as they do not match with Google’s threat
The Hacker News
DarkGate and PikaBot Malware Resurrect QakBot's Tactics in New Phishing Attacks
New high-volume phishing campaigns mimic tactics of defunct QakBot trojan, hijacking email threads and using unique URLs to deliver DarkGate & PikaBot
The Hacker News
Product Walkthrough: Silverfort's Unified Identity Protection Platform
Silverfort's Unified Identity Protection Platform: A game-changer in cybersecurity. Discover how it protects organizations from identity-based attacks
Cyber Security News
Hackers Exploit Google Workspace to Exfiltrate Data and Deploy Ransomware...
Recent research into Google Workspace and Google Cloud Platform by Bitdefender Labs reveals novel attack methods, potentially leading.
SecurityWeek
Johnson Controls Patches Critical Vulnerability in Industrial Refrigeration Products
Johnson Controls patches a critical vulnerability that can be exploited to take complete control of Frick industrial refrigeration products
SecurityWeek
Yamaha Motor Confirms Data Breach Following Ransomware Attack...
Yamaha Motor discloses ransomware attack impacting the personal information of its Philippines subsidiary...
The Hacker News
Why Defenders Should Embrace a Hacker Mindset
Prioritizing cybersecurity is key. Learn how to prioritize remediation based on impact and protect your organization's crown jewels.
SecurityWeek
K-12 Schools Improve Protection Against Online Attacks, but Many Are Vulnerable to Ransomware Gangs...
K-12 schools improve protection against cyberattacks, but many are still vulnerable to ransomware gangs...
The Record
British Library says ransomware hackers stole data from HR files...
...of the largest libraries in the world and the national library of the United Kingdom — said the ransomware...
The Record
Greater Paris wastewater agency dealing with cyberattack
The organization that manages wastewater for nine million people in and around Paris was hit with a cyberattack last week.
The Record
Personal info of Canadian Armed Forces, RCMP stolen in cyberattack
A cyberattack on the systems of a Canadian government contractor used for relocation services has compromised data belonging to service members and the Royal Canadian Mounted Police.
The Record
CISA launches pilot program offering ‘cutting-edge’ services to critical infrastructure orgs
The U.S. government is offering “cutting-edge cybersecurity shared services” to critical infrastructure organizations that need it most.
Security Affairs
Security Affairs newsletter Round 446 by Pierluigi Paganini
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
Security Affairs
...8Base ransomware operators use a variant of Phobos ransomware...
...8Base ransomware operators were observed using a variant of the Phobos ransomware in a recent wave of...
Cyber Security News
Weekly Cyber Security News Roundup for the Week of November 13th to 18th
Welcome to the Cyber Security News Recap, a weekly publication by Cyber Writes. Our aim is to bring you up-to-date information on the latest developments in the field of cybersecurity.
The Hacker News
...8Base Group Deploying New Phobos Ransomware Variant via SmokeLoader...
The threat actors behind the 8Base ransomware are utilizing a variant of the Phobos ransomware for their...
DarkReading
Scattered Spider Casino Hackers Evade Arrest in Plain Sight
The feds seem to know all about the hacking group brazenly breaking into corporate networks; so why are enterprise teams left on their own to stop their cybercrimes?
Security Affairs
Medusa ransomware gang claims Toyota Financial Services hack...
Toyota Financial Services discloses unauthorized activity on systems after the Medusa ransomware gang...
DarkReading
Actions to Take to Defeat Initial Access Brokers
Initial access brokers (IAB) are often difficult to track. This Tech Tip spells out some countermeasures enterprises need to defend against stolen credentials.
SecurityWeek
In Other News: Major Law Firm Hacked, Chinese Bank Pays Ransom, PyPI Security Audit
Noteworthy stories that might have slipped under the radar: top law firm hacked, Chinese bank pays ransom, PyPI conducts first security audit
Cyber Security News
FBI Shares Tactics & Techniques Used by Scattered Spider Hacker Group
Recently, the FBI and CISA issued a joint Cybersecurity Advisory (CSA) on Scattered Spider threat actors targeting commercial facilities.
SecurityWeek
Israeli Man Who Made $5M From Hacking Scheme Sentenced to Prison in US
Aviram Azari, an Israeli man who made nearly $5 million from a hacking scheme, has been sentenced to 80 months in prison in the US.
CyberSecurity Dive
Threat actors behind Las Vegas casino attacks are social-engineering mavens
Scattered Spider threat actors are attacking large companies and their IT help desks to steal data for extortion, according to federal cyber authorities.
CyberSecurity Dive
FCC proposes 3-year cybersecurity pilot for schools, libraries
The agency will seek public comment on the proposal, which will explore how the Universal Service Fund can support school and library cyber concerns.
Infosecurity News
FBI Lifts the Lid on Notorious Scattered Spider Group
Security advisory details TTPs of prolific threat actors
SecurityWeek
CitrixBleed Vulnerability Exploitation Suspected in Toyota Ransomware Attack...
Toyota Financial Services has been hit by a ransomware attack that may have involved exploitation of...
Infosecurity News
Royal Mail to Spend £10m on Ransomware Remediation...
Postal service was breached in January 2023
Infosecurity News
British Library: Ransomware Recovery Could Take Months...
Famed institution warns of ongoing disruption
The Hacker News
U.S. Cybersecurity Agencies Warn of Scattered Spider's Gen Z Cybercrime Ecosystem
U.S. agencies warn about Scattered Spider cybercriminals using advanced phishing to steal data and extort victims.
CSO
CrowdStrike’s new Falcon Go delivers AI security to SMBs
CrowdStrike has released a new version of its Falcon platform designed to give small and medium-size businesses a new option for out-of-the-box security.
The Record
Yamaha and WellLife Network confirm cyber incidents after ransomware gang claims attacks...
A ransomware group that has been exploiting a vulnerability in Citrix products posted both companies...
The Record
...‘Sex life data’ stolen from UK government among record number of ransomware attacks...
The latest data released by the Information Commissioner’s Office (ICO) includes an attack that breached data on the sex lives of up to 10,000 people, from an unspecific government department.
The Record
More than 330,000 Medicare recipients affected by MOVEit breach
In the latest disclosures related to a Russian ransomware gang’s exploitation of the popular MOVEit file...
The Record
CISA, FBI warn of Scattered Spider expertise with social engineering, SIM swapping
The leading cybersecurity officials in the U.S. published a stark warning on Thursday about a group of hackers who have disrupted some of the largest companies in the country through social engineering and other tactics.
The Record
Multiple colleges, K-12 schools facing outages after cyberattacks
North Carolina Central University is investigating a cyberattack this week, as are school districts in Michigan, Oregon and Atlanta.
The Record
The United States has a new cyber czar — for a little while, anyway
Drenan Dudley, currently ONCD's deputy for strategy and budget, will take over the office temporarily with the departure of Kemba Walden, its acting director.
The Record
Remcos, again: Ukrainian agencies targeted in a new spying campaign
In a recent campaign, the hacking group tracked as UAC-0050 attempted to spread the Remcos remote access tool, according to research by Ukraine's computer emergencies response team (CERT-UA).