IT Security Newsletter - 1/9/2024

Breaches

Capital Health attack claimed by LockBit ransomware, risk of data leak

The LockBit ransomware operation has claimed responsibility for a November 2023 cyberattack on the Capital Health hospital network and threatens to leak stolen data and negotiation chats by tomorrow. Capital Health is a primary healthcare service provider in New Jersey and parts of Pennsylvania, operating two major hospitals and several satellite and specialty clinics. Last November, the organization experienced an IT systems outage following a cyberattack on its network.

Hacking

CertiK Twitter account hijacked by cryptocurrency scammer posing as Forbes journalist

Web3 security outfit CertiK has fallen foul of scammers, who managed to hijack its Twitter account to share a malicious link to a fake version of the Revoke.cash project. Security-auditing company CertiK, which boasts over 340,000 followers on its main Twitter account, posted a warning that its tweets should not currently be trusted. In a later tweet, CertiK shared details of what it believed had happened.

Malware

And that's a wrap for Babuk Tortilla ransomware as free decryptor released

Security researchers have put out an updated decryptor for the Babuk ransomware family, providing a free solution for victims of the Tortilla variant. A collaboration between Cisco Talos, Avast, and the Netherlands police led to the development of the new decryptor and the arrest of the criminals behind the variant. According to Cisco Talos, the Amsterdam police force arrested the individual behind Babuk Tortilla, and the Dutch Public Prosecution Office prosecuted them.


Stuxnet: The malware that cost a billion dollars to develop?

A report from the Netherlands claims that a Dutch man played a key role in the notorious Stuxnet worm attack against an Iranian nuclear facility, which then accidentally escaped into the wider world. It's not news that the US and Israel are widely believed to be the creators of the sophisticated Stuxnet malware, which exploited zero-day flaws to sabotage Iran's uranium enrichment facilities at Natanz, or that the US is believed to have later tried to use a version of Stuxnet against North Korea's nuclear weapons program.

Information Security

Merck reaches settlement in closely watched NotPetya insurance case

Merck reached a settlement with its insurance providers in the closely watched dispute in a New Jersey Supreme Court case over $1.4 billion in claims stemming from the NotPetya cyberattack. The pharmaceutical company reached a last-minute agreement with insurance providers just prior to oral arguments, Bloomberg Law reported, citing stipulations filed with the court Wednesday. Terms of the settlement were not disclosed.

Exploits/Vulnerabilities

Bosch Nutrunner Vulnerabilities Could Aid Hacker Attacks Against Automotive Production Lines

Vulnerabilities found in Bosch Rexroth nutrunners used in the automotive industry could be exploited by hackers seeking direct financial gain or threat actors looking to cause disruption or reputational damage to the targeted organization, according to OT cybersecurity firm Nozomi Networks. Nozomi researchers found security holes in Bosch Rexroth's NXA015S-36V-B product, a cordless, handheld pneumatic torque wrench (also known as a nutrunner) designed for safety-critical tightening operations.


Apache OFBiz zero-day pummeled by exploit attempts after disclosure

SonicWall says it has observed thousands of daily attempts to exploit an Apache OFBiz zero-day for nearly a fortnight. The near-maximum severity zero-day vuln in OFBiz, an open source ERP system with what researchers described as a surprisingly wide install base, was first disclosed on December 26. Since then, attackers have gone for it with large numbers of exploitation attempts.


Cacti Monitoring Tool Spiked by Critical SQL Injection Vulnerability

A critical vulnerability in the Cacti Web-based open source framework for monitoring network performance gives attackers a way to disclose Cacti's entire database contents - presenting a prickly risk for organizations. Thousands of websites use Cacti to collect network performance information such as that related to bandwidth utilization, CPU and memory usage, and disk I/O from devices such as routers, switches, and servers.

On This Date

  • ...in 1890, Czech author and playwright Karel Capek, who coined the word "robot" in his play "R.U.R.", is born in Austria-Hungary.
  • ...in 1923, Spanish aviator Juan de la Cierva makes the first flight in his autogyro, a precursor to the modern helicopter.
  • ...in 1955, character actor J.K. Simmons ("Whiplash", "Spider-Man") is born in Grosse Pointe, MI.
  • ...in 2007, Apple CEO Steve Jobs introduces the first iPhone at a Macworld keynote in San Francisco.