
IT Security Newsletter - 6/25/2025


Breaches

Mainline Health, Select Medical Each Disclose Data Breaches Impacting 100,000 People

Mainline Health Systems and Select Medical Holdings have each disclosed data breaches affecting more than 100,000 individuals. In the case of Mainline Health, an Arkansas-based healthcare provider with over 30 locations, a network breach was detected in April 2024. However, the company only recently determined that files containing sensitive personal information were stolen at the time.


Aflac, one of the USA's largest insurers, is the latest to fall "under siege" to hackers

The Wall Street Journal reports that Aflac is investigating a breach that may have exposed claims information, health details, Social Security numbers, and other personal data. That's the kind of sensitive personal information you would expect your insurer to protect, not accidentally hand over to cybercriminals. According to Aflac, the attack came from a "highly sophisticated and well-known group that has the insurance industry under siege."

Hacking

China-Nexus 'LapDogs' Network Thrives on Backdoored SOHO Devices

Researchers have discovered yet another network of operational relay boxes (ORBs) controlled by suspected Chinese nation-state actors for cyber-espionage purposes. According to SecurityScorecard's STRIKE research team, the ORB network, nicknamed "LapDogs," has infected more than 1,000 nodes with a custom backdoor against "highly localized targets" in the US as well as Japan, South Korea, Hong Kong, and Taiwan. The researchers attributed the network to China-nexus actors with moderate confidence.

Software Updates

Don't panic, but it's only a matter of time before critical 'CitrixBleed 2' is under attack

Citrix patched a critical vulnerability in its NetScaler ADC and NetScaler Gateway products that is already being compared to the infamous CitrixBleed flaw exploited by ransomware gangs and other cyber scum, although there haven't been any reports of active exploitation. Yet. Security analyst Kevin Beaumont dubbed the vulnerability "CitrixBleed 2." That earlier flaw (CVE-2023-4966) allowed attackers to access a device's memory, find session tokens, and impersonate an authenticated user.

Malware

Beware of fake SonicWall VPN app that steals users' credentials

Unknown miscreants are distributing a fake SonicWall app to steal users' VPN credentials. In a Monday threat intel alert, the firewall and VPN slinger said it and Microsoft spotted the info-stealing campaign, in which would-be thieves distributed a "hacked and modified version of SonicWall's SSL VPN NetExtender application that closely resembles the official SonicWall NetExtender software."

Information Security

BreachForums hacking forum operators reportedly arrested in France

The French police have reportedly arrested five operators of the BreachForums cybercrime forum, a website used by cybercriminals to leak and sell stolen data that exposed the sensitive information of millions. News of the arrests comes from Le Parisien, which claims the law enforcement operation was carried out by the cybercrime unit (BL2C) of the Paris police department on Monday. Police carried out simultaneous raids in Paris, Normandy, and the Indian Ocean island of Réunion.


Africa Sees Surge in Cybercrime as Law Enforcement Struggles

Many African nations are suffering from significant epidemics of cybercrime, as citizens navigate economic uncertainty and increased access to the Internet, while law enforcement agencies tasked with investigating crimes often lack the necessary training. In the past year, online scam detections surged by a factor of 30 in some African nations, while cybercrime accounted for about a third of all reported crimes in countries in the eastern and western part of the continent.

Exploits/Vulnerabilities

Trezor's support platform abused in crypto theft phishing attacks

Trezor is alerting users about a phishing campaign that abuses its automated support system to send deceptive emails from its official platform. The company's support site allows anyone to open a ticket using any email address and subject line. The system then replies automatically, sending a case number and using the submitted ticket title as the email subject. Attackers abuse this feature by submitting tickets with titles containing urgent phishing messages.


New Vulnerabilities Expose Millions of Brother Printers to Hacking

Hundreds of printer models from Brother and other vendors are impacted by potentially serious vulnerabilities discovered by researchers at Rapid7. The cybersecurity firm revealed on Wednesday that its researchers identified eight vulnerabilities affecting multifunction printers made by Brother. The security holes have been found to impact 689 printer, scanner and label maker models from Brother and other manufacturers.

On This Date

  • ...in 1903, British novelist and journalist George Orwell ("1984", "Animal Farm") is born in Motihari, India.
  • ...in 1967, the Beatles record "All You Need Is Love" during the first worldwide, live television broadcast.
  • ...in 1981, Microsoft is incorporated as a business in Washington.
  • ...in 1984, Prince releases his most successful studio album, "Purple Rain."