
IT Security Newsletter - 12/9/2024


Top News

Encrypted messaging service intercepted, 2.3 million messages read by law enforcement

European law enforcement agencies have taken down yet another encrypted messaging service mainly used by criminals. The Matrix encrypted messaging service was an invite-only service which was also marketed under the names Mactrix, Totalsec, X-quantum, or Q-safe. Dutch and French authorities started an investigation when the service was found on the phone of a criminal convicted for the murder of Dutch journalist Peter R. de Vries in 2021.

Breaches

Anna Jaques Hospital Data Breach Impacts 316,000 People

Anna Jaques Hospital is notifying over 316,000 individuals that their personal information was compromised in a December 2023 data breach. The incident was identified on Christmas Day last year and resulted in the hospital diverting patients from its emergency rooms after its health record system was shut down. Anna Jaques initially disclosed the data breach on January 23, after a threat actor known as Money Message listed the hospital on its leaks site, claiming the theft of 600 gigs of data.

Hacking

Medical Device Maker Artivion Scrambling to Restore Systems After Ransomware Attack

Medical devices company Artivion on Monday disclosed a ransomware attack that knocked some of its systems offline, causing disruption to order and shipping processes. Headquartered in Atlanta, Georgia, Artivion manufactures and distributes aortic-centric cardiac and vascular medical products, including mechanical human heart valves, implantable cardiac and vascular human tissues, stent grafts, and surgical sealants. The company markets and sells its products in over 100 countries.


Texas Teen Arrested for Scattered Spider Telecom Hacks

Chasing down members of Scattered Spider, the cybercrime group known for their social engineering takedowns of massive organizations, has been a top law enforcement priority over the past several months. Now, the Federal Bureau of Investigation has made a new arrest in the case, a 19-year-old hacker living in Fort Worth, Texas - and he's talking. Remington Goy Ogletree is accused of a phishing operation that ran from October 2023 to last May.

Software Updates

Micropatchers share 1-instruction fix for NTLM hash leak flaw in Windows 7+

Acros Security claims to have found an unpatched bug in Microsoft Windows 7 and onward that can be exploited to steal users' OS account credentials. The flaw-finding biz - which develops and releases unofficial "micropatches" to close holes in software that vendors won't address - says this particular bug is an NTLM vulnerability. We're told victims who view a maliciously crafted file in vulnerable versions of Windows Explorer may have their NTLM hash leaked.


OpenWrt orders router firmware updates after supply chain attack scare

OpenWrt users should upgrade their images to the same version to protect themselves from a possible supply chain attack reported to the open source Wi-Fi router project last week. Paul Spooren, developer at OpenWrt, emailed users on Friday regarding a security issue in the project's attended sysupgrade server (ASU) reported two days earlier by Ry0taK, a researcher at Japanese security firm Flatt Security.

Information Security

Compromised Software Code Poses New Systemic Risk to U.S. Critical Infrastructure

The code that makes up the software now powering U.S. utilities is rife with vulnerabilities, including hundreds that are "highly exploitable," a new research report released by Fortress Information Security today finds. Researchers studied thousands of products and found troubling risk patterns. The report also shows that 25 percent of software components and 90 percent of software products contained code from developers in China.

Exploits/Vulnerabilities

Ultralytics AI model hijacked to infect thousands with cryptominer

The popular Ultralytics YOLO11 AI model was compromised in a supply chain attack to deploy cryptominers on devices running versions 8.3.41 and 8.3.42 from the Python Package Index (PyPI). Ultralytics is a software development company specializing in computer vision and artificial intelligence, specifically in object detection and image processing. It's best known for its advanced object detection model, which can quickly and accurately detect and identify objects in video streams in real time.


QR codes bypass browser isolation for malicious C2 communication

Mandiant has identified a novel method to bypass browser isolation technology and achieve command-and-control operations through QR codes. Browser isolation is an increasingly popular security technology that routes all local web browser requests through remote web browsers hosted in a cloud environment or virtual machines. Any scripts or content on the visited web page are executed on the remote browser rather than the local one.

On This Date

  • ...in 1883, physical trainer Joseph Pilates, creator of the exercise methods bearing his name, is born in Mönchengladbach, Germany.
  • ...in 1906, computer science pioneer and US Navy Rear Admiral Grace Hopper, the inventor of the first machine-independent program compiler, is born in New York City.
  • ...in 1953, actor and producer John Malkovich ("Dangerous Liaisons", "Burn After Reading") is born in Christopher, IL.
  • ...in 1960, the first episode of "Coronation Street", the world's longest-running television soap opera, is broadcast by the British ITV network.