IT Security Newsletter

IT Security Newsletter - 1/13/2025

Written by Cadre | Mon, Jan 13, 2025

BayMark Health Services sends breach notifications after ransomware attack

BayMark Health Services, Inc. (BayMark) notified an unknown number of patients that attackers stole their personal and health information. BayMark profiles itself as North America's largest provider of medication-assisted treatment (MAT) for substance use disorders, helping tens of thousands of individuals with recovery. In a breach notification, the company disclosed that on October 11, 2024, it learned about an incident that disrupted the operations of some of its IT systems.

Hack of Rhode Island social services platform impacted at least 709K, officials say

Rhode Island began mailing notification letters Friday to alert individuals impacted by the December ransomware attack against the state social services agency, Gov. Dan McKee said during a Friday press conference. Officials estimate the information of 657,000 people was accessed in the attack, but the state sent letters to 709,000 individuals, as some people in the database are cared for by relatives or other people.

Ransomware crew abuses AWS native encryption, sets data-destruct timer for 7 days

A new ransomware crew dubbed Codefinger targets AWS S3 buckets and uses the cloud giant's own server-side encryption with customer-provided keys (SSE-C) to lock up victims' data before demanding a ransom payment for the symmetric AES-256 keys required to decrypt it. Halcyon threat hunters say they first spotted this criminal gang in December, and in recent weeks observed two such ransomware attacks against their customers, both of whom were AWS-native software developers.

Fake CrowdStrike 'Job Interviews' Become Latest Hacker Tactic

Cybercriminals have picked up a new tactic, impersonating CrowdStrike recruiters in order to distribute a cryptominer on their victims' devices. This malicious campaign starts with an email, inviting the victim to schedule an interview with a recruiter for a position as a junior developer. The illegitimate email takes the victim to a malicious website containing links to download a purported "CRM application."

US Charges 3 Russians for Operating Cryptocurrency Mixers Used by Cybercriminals

The US Justice Department announced on Friday charges against three Russian nationals accused of operating two cryptocurrency mixers that were used for money laundering, including by ransomware groups. Charges of conspiracy to commit money laundering and operating an unlicensed money transmitting business were announced against Roman Vitalyevich Ostapenko, Alexander Evgenievich Oleynik, and Anton Vyachlavovich Tarasov.

Juniper Networks Fixes High-Severity Vulnerabilities in Junos OS

Juniper Networks kicked off 2025 with security updates that address dozens of vulnerabilities in the Junos OS platform, including multiple high-severity bugs. Patches were released last week to resolve a high-severity out-of-bounds read flaw in the routing protocol daemon (RPD) of Junos OS and Junos OS Evolved that could lead to denial-of-service (DoS) when processing a malformed BGP packet.

Nominet probes network intrusion linked to Ivanti zero-day exploit

UK domain registry Nominet is investigating a potential intrusion into its network related to the latest Ivanti zero-day exploits. Nominet told customers via an email sent on January 8, which was seen by The Register: "We became aware of suspicious activity on our network late last week. The entry point was through third-party VPN software supplied by Ivanti that enables our people to access systems remotely."

New Web3 attack exploits transaction simulations to steal crypto

Threat actors are employing a new tactic called "transaction simulation spoofing" to steal crypto, with one attack successfully stealing 143.45 Ethereum, worth approximately $460,000. The attack, spotted by ScamSniffer, highlights a flaw in transaction simulation mechanisms used in modern Web3 wallets, meant to safeguard users from fraudulent and malicious transactions. Transaction simulation is a feature that allows users to preview the expected outcome of a blockchain transaction.

  • ...in 1942, Henry Ford patents a plastic-bodied automobile. The vehicle is 30 percent lighter than other cars of the time, with panels made from soybeans and hemp.
  • ...in 1968, Johnny Cash performs live at California's Folsom State Prison. His recording of the concert goes on to sell over 3 million copies in the US alone.
  • ...in 1970, television writer/producer Shonda Rhimes ("Grey's Anatomy", "Scandal") is born in Chicago, IL.
  • ...in 2000, Bill Gates resigns as CEO of Microsoft to found the philanthropic Bill & Melinda Gates Foundation.