Health care company Ascension lost sensitive data for nearly 5.6 million individuals in a cyberattack that was attributed to a notorious ransomware gang, according to documents filed with the attorney general of Maine. Ascension owns 140 hospitals and scores of assisted living facilities. In May, the organization was hit with an attack that caused mass disruptions as staff was forced to move to manual processes that caused errors, delayed or lost lab results, and diversions of ambulances. READ MORE...
Aerospace and defense giant General Dynamics says threat actors compromised dozens of employee benefits accounts after a successful phishing campaign targeting its personnel. The unauthorized activity was discovered on October 10, after the attackers had accessed and made changes to the employee benefits accounts through a login portal hosted by a third party. The attackers ran a fraudulent advertising campaign that directed General Dynamics employees to a phishing site. READ MORE...
American Addiction Centers is notifying more than 422,000 people that their personal information was stolen in a recent data breach. The Brentwood, Tennessee-based organization provides inpatient and outpatient substance abuse treatment services through a network of rehabilitation facilities across multiple states. It employs over 2,700 people. The incident was identified on September 26, but the attackers had access to the organization's servers for at least several days prior. READ MORE...
European Space Agency's official web shop was hacked as it started to load a piece of JavaScript code that generates a fake Stripe payment page at checkout. With a budget over 10 billion euros, the mission of the European Space Agency (ESA) is to extend the limits of space activities by training astronauts and building rockets and satellites for exploring the mysteries of the universe. READ MORE...
The North Korean hacker group 'TraderTraitor' stole $308 million worth of cryptocurrency in the attack on the Japanese exchange DMM Bitcoin in May. In a short post, the FBI attributed the attack to the state-affiliated threat actor TraderTraitor, also tracked as Jade Sleet, UNC4899, and Slow Pisces. The crypto heist occurred in May 2024 and forced the platform to restrict account registration, cryptocurrency withdrawals, and trading until the completion of the investigations. READ MORE...
The U.S. Department of Justice revealed charges Friday against Rostislav Panev, a dual Russian and Israeli national, for his alleged role as a developer in the notorious LockBit ransomware group. Panev was arrested in Israel following a U.S. provisional arrest request and is currently awaiting extradition. Authorities allege that Panev has been an instrumental figure in LockBit's operations since its inception in 2019. READ MORE...
After the Mozi botnet mysteriously disappeared last year, a new and seemingly more powerful botnet, Androxgh0st, rose from its ashes and has quickly become a major threat to critical infrastructure. As of December, at least one security shop suspects the new hybrid botnet is being weaponized by the Chinese government. Check Point, meanwhile, rated Androxgh0st as the most prevalent malware globally, and said it affected 5 percent of organizations worldwide during November. READ MORE...
Attackers are actively exploiting a critical vulnerability in Apache Struts 2 just days after it was originally disclosed and patched, researchers warn. The vulnerability, listed as CVE-2024-53677, involves a flaw in file upload logic, according to a bulletin from Apache. The vulnerability has a CVSS score of 9.5 out of 10, indicating the risk is considered critical. An attacker can manipulate file upload parameters to enable path traversal. READ MORE...