IT Security Newsletter - 7/1/2025
Switzerland says government data stolen in ransomware attack
The Swiss government says that sensitive information from various federal offices has been impacted by a ransomware attack at the third-party organization Radix. The hackers stole data from Radix systems and later leaked it on the dark web, the Swiss government says. The exposed data is being analyzed with the help of the country's National Cyber Security Centre (NCSC) to determine which government agencies are impacted and to what effect.
International Criminal Court hit by new 'sophisticated' cyberattack
On Monday, the International Criminal Court (ICC) announced that it's investigating a new "sophisticated" cyberattack that targeted its systems last week. In a statement yesterday, the ICC revealed that it had contained a "sophisticated and targeted" cybersecurity incident, which was discovered by systems in place to detect cyberattacks targeting its systems. "This incident [...] was swiftly discovered, confirmed and contained, through the Court's alert and response mechanisms," the ICC said.
Data breach at healthcare services firm Episource affects 5.4M
A data breach at healthcare services firm Episource exposed information from 5.4 million people, according to a report submitted earlier this month to federal regulators. The company detected unusual activity on its computer systems in February, and an investigation found a cybercriminal had accessed and stolen some of its data, Episource said in a breach notification. The incident is one of the largest healthcare data breaches reported to the HHS' Office for Civil Rights so far this year.
263,000 Impacted by Esse Health Data Breach
Missouri healthcare provider Esse Health is notifying over 263,000 people that their personal information was stolen in a disruptive April 2025 cyberattack. The incident was discovered on April 21 and impacted the organization's access to the electronic medical record system, while also taking down its phone system. By May 13, the healthcare provider had restored certain systems and was able to fulfill scheduled appointments or procedures.
Scattered Spider Hacking Spree Continues With Airline Sector Attacks
A new wave of attacks on organizations in the aviation sector by members of "Scattered Spider" has drawn fresh attention to what Microsoft and others consider one of the most dangerous financially motivated threat groups currently active. In a post on X on Friday, the FBI warned of Scattered Spider actors deploying their usual slick social engineering tricks - which include deceiving IT help desks into granting them access - to attack airline companies and their partners.
Scammers have a new tactic: impersonating DOGE
Scammers are impersonating the Department of Government Efficiency in an effort to steal personal information and possibly take advantage of people who believe they'll receive direct compensation from the Elon Musk-created group's supposed efforts to cut down on waste, fraud and abuse. An email analyzed by experts at the cybersecurity firm Proofpoint revealed a new scheme that involved scammers pretending to be a DOGE agent looking to steal personal information.
50 customers of French bank hit after insider helped SIM swap scammers
French police have arrested a business student interning at the bank Société Générale who is accused of helping SIM-swapping scammers to defraud 50 of its clients. According to a report in Le Parisien, the intern is alleged to have helped fraudsters embezzle more than one million euros from customers' accounts by providing clients' banking information to fraudsters. The unnamed intern was working at the bank's headquarters on Boulevard Haussmann in Paris.
US government warns of new Iran-linked cyber threats on critical infrastructure
U.S. government officials said critical infrastructure operators should be on alert for Iranian cyberattacks. In a threat advisory published Monday, multiple agencies said Iran might target U.S. firms "for near-term cyber operations" due to "the current geopolitical environment" - a reference to the Trump administration joining Israel's aerial campaign against Iran's nuclear program and related assets.
US shuts down a string of North Korean IT worker scams
The US Department of Justice has announced a major disruption of multiple North Korean fake IT worker scams. The feds say that they uncovered North Korean IT staff working at over 100 US companies using fictitious or stolen identities and not only drawing salaries, but also stealing secret data for delivery to Pyongyang's servers. They were also on the lookout for virtual currency. In one case, a fake worker is accused of stealing around $740,000 in digicash from their US employer.
Critical Microsens Product Flaws Allow Hackers to Go 'From Zero to Hero'
Critical vulnerabilities affecting a product made by Germany-based Microsens can be exploited by hackers to conduct remote attacks against organizations. Microsens provides a wide range of connectivity and automation solutions for industrial organizations and enterprises, including switches, converters, building controllers, and transceivers. The company's NMP Web+ product enables users to control, monitor and configure industrial switches and other Microsens network equipment.
- ...in 1863, the Battle of Gettysburg begins in Gettysburg, PA.
- ...in 1934, blues musician and songwriter Willie Dixon is born in Vicksburg, MS.
- ...in 1963, the US Postal Service introduces the ZIP Code.
- ...in 1979, Sony introduces the Walkman, the first commercially successful personal stereo audio device.