The Iran-linked cyberespionage group OilRig has been observed intensifying cyber operations against government entities in the Gulf region, cybersecurity firm Trend Micro reports. Also tracked as APT34, Cobalt Gypsy, Earth Simnavaz, and Helix Kitten, the advanced persistent threat (APT) actor has been active since at least 2014, targeting entities in the energy and other critical infrastructure sectors, and pursuing objectives aligned with those of the Iranian government.
Gryphon Healthcare and Tri-City Medical Center last week disclosed separate data breaches in which the personal information of more than 500,000 individuals was stolen. The Houston, Texas-based billing services provider Gryphon is notifying 393,358 individuals of an incident discovered on August 13, 2024, which involved an unnamed partner "that Gryphon provides medical billing services for."
American Water, the largest regulated water and wastewater utility company in the US, is now reconnecting its infrastructure after taking its systems offline due to a cybersecurity incident it reported on Oct. 7. The company provides drinking water and sewer services to more than 14 million people across 14 states and 18 military installations. In an update on Oct. 10, it reported that there is no evidence to support that the cyber incident impacted its water or wastewater facilities.
Russian government hackers are targeting known, unpatched vulnerabilities to victimize specific organizations like governments and defense contractors while also scanning the internet for any susceptible systems to attack, U.S. and U.K. cyber agencies said in a joint alert. The threat actors tied to the Russian Foreign Intelligence Service (SVR) "are highly capable of and interested in exploiting software vulnerabilities."
The growing popularity of online marketplaces has attracted fraudsters preying on unsuspecting buyers and sellers, looking to score payment card information rather than to strike a bargain. ESET researchers have found that one such organized scammer network - which uses Telekopye, a toolkit discovered by ESET Research in 2023 - has expanded its operations to target users of popular accommodation booking platforms.
If we were to draw an infosec Venn diagram, with one circle representing "sensitive info that attackers would want to steal" and the other "limited resources plus difficult-to-secure IT environments," education would sit in the overlap. Schools - including K-12, colleges, and universities - store health and medical records, data belonging to minors, financial information, sensitive research, AI training models and other proprietary IP.
Juniper Networks has released patches for dozens of vulnerabilities in its Junos OS and Junos OS Evolved network operating systems, including multiple flaws in several third-party software components. Fixes were announced for roughly a dozen high-severity security defects impacting components such as the packet forwarding engine (PFE), routing protocol daemon (RPD), routing engine (RE), kernel, and HTTP daemon.
OpenAI has disrupted over 20 malicious cyber operations abusing its AI-powered chatbot, ChatGPT, for debugging and developing malware, spreading misinformation, evading detection, and conducting spear-phishing attacks. The report, which focuses on operations since the beginning of the year, constitutes the first official confirmation that generative mainstream AI tools are used to enhance offensive cyber operations.
More than 86,000 Fortinet instances remain vulnerable to the critical flaw that attackers started exploiting last week, according to Shadowserver's data. The most recent count taken from Sunday put the number of IPs vulnerable to the bug at 86,602 - a slight decrease from 87,930 the day before. The internet security biz's data showed the majority of those appliances are located in Asia (38,778), followed, though not closely, by North America (21,262) and Europe (16,381).