The 16 hospitals struck down by ransomware last week are still dealing with the fallout from the attack. The FBI has confirmed the ransomware attack on the healthcare facilities, which are located in Connecticut, Pennsylvania, Rhode Island, and California. Issues started to emerge last Thursday, with patients diverted to other locations and some operations put on hold.
The July breach of Microsoft Exchange Online by suspected Chinese hackers is the next topic up for review by the Department of Homeland Security's Cyber Safety Review Board (CSRB). DHS secretary Alejandro Mayorkas announced the review last Friday, saying it would assess the Microsoft intrusion as well as conduct a broader review of identity and authentication infrastructure used by cloud providers.
Entities using the name and iconography of Anonymous (EUTNAIOA) claim to have conducted cyber protests against the Japanese government for actions related to the release of wastewater from the Fukushima Daini Nuclear Power Plant. In an operation dubbed "Tango Down," the Anonymous Italia Collective claims to have attacked 21 government and other websites associated with the Fukushima facility, which in 2011 infamously experienced damage to three reactor cores after an earthquake and tsunami.
The Knight ransomware is being distributed in an ongoing spam campaign that pretends to be TripAdvisor complaints. Knight ransomware is a recent rebrand of the Cyclops Ransomware-as-a-Service, which switched its name at the end of July 2023. The Cyclops ransomware operation launched in May 2023, when the operators began recruiting affiliates for the new ransomware-as-a-service (RaaS) on the RAMP hacking forum.
The year is 2023 and there are still some people using Internet Explorer on planet Earth. More shocking, perhaps, is the fact that there are still threat actors maintaining exploit kit infrastructure and dropping new malware. In this quick blog post, we review two well-known toolkits from the past, namely RIG EK and PurpleFox EK, with the latest traffic captures we were able to collect.
AdLoad, well-known malware that has been targeting systems running macOS for over half a decade, has been observed delivering a new payload that - unbeknown to the owners - enlisted their systems into a residential proxy botnet. According to AT&T Alien Labs threat intelligence researchers, who analyzed over 150 samples of the malware they found in the wild, many devices are infected.
Several vulnerabilities discovered in the ScrutisWeb ATM fleet monitoring software made by French company Iagona could be exploited to remotely hack ATMs. The security holes were discovered by Synack Red Team members and they were patched by the vendor in July 2023 with the release of ScrutisWeb version 2.1.38. ScrutisWeb allows organizations to monitor banking or retail ATM fleets from a web browser, enabling them to quickly respond to problems.