Hackers trying to extort the Rhode Island government infiltrated the state's public benefits system, causing state officials to shut down online services that let residents apply for Medicaid and other assistance programs. "As part of this investigation today, we discovered that within the Rhode Island Bridges system, a cybercriminal had installed dangerous malware that constituted an urgent threat," Governor Dan McKee said at a Friday night press conference, according to The Providence Journal.
Rydox, an online marketplace used by cybercriminals to sell hacked personal information and tools to commit fraud, has been seized in an international law enforcement operation and its suspected administrators arrested. Rydox has been operating since early 2016, and has been used to sell personally identifiable information, stolen access devices, and tools to assist cybercrime on thousands of occasions according to the US Department of Justice.
The Texas Tech University Health Sciences Center and its El Paso counterpart suffered a cyberattack that disrupted computer systems and applications, potentially exposing the data of 1.4 million patients. The organization is a public, academic health institution that is part of the Texas Tech University System, which educates and trains healthcare professionals, conducts medical research, and provides patient care services.
Cybersecurity researchers at a China-based cybersecurity company have uncovered an advanced PHP backdoor that suggests a new asset in the arsenal of Chinese-linked Advanced Persistent Threat group Winnti. Researchers at QiAnXin's XLab discovered the backdoor, which they titled Glutton, targeting China, the United States, Cambodia, Pakistan, and South Africa. The company believes Glutton has been "undetected in the cybersecurity landscape for over a year."
A large-scale malvertising campaign distributed the Lumma Stealer info-stealing malware through fake CAPTCHA verification pages that prompt users to run PowerShell commands to verify they are not a bot. The campaign leveraged the Monetag ad network to propagate over one million ad impressions daily across three thousand websites. The malicious operation, dubbed "DeceptionAds" by Guardio Labs and Infoblox researchers, is believed to be conducted by the threat actor known as "Vane Viper."
Artificial intelligence has come to the desktop. Microsoft 365 Copilot, which debuted last year, is now widely available. Apple Intelligence just reached general beta availability for users of late-model Macs, iPhones, and iPads. And Google Gemini will reportedly soon be able to take actions through the Chrome browser under an in-development agent feature dubbed Project Jarvis.
The cybersecurity agency CISA warned organizations on Monday that two vulnerabilities affecting Adobe ColdFusion and Microsoft Windows have been exploited in the wild. CISA added the flaws to its Known Exploited Vulnerabilities (KEV) catalog, instructing federal agencies to address them in their environments by early January 2025. The Windows vulnerability is CVE-2024-35250, a high-severity kernel-mode driver issue that can be exploited by an attacker to escalate privileges to System.
The FBI has issued a fresh alert on the HiatusRAT malware targeting years-old vulnerabilities in web cameras and DVR systems. Initially detailed last year, HiatusRAT has been active since mid-2022, hitting hundreds of organizations in Europe, Latin America, and the US, mainly by exploiting vulnerable high-bandwidth routers. Last year, HiatusRAT's operators were seen performing reconnaissance against a US military procurement system.