November 30, 2025

Dark Light

Search

cybercrime Healthcare News

0

25

Healthcare cyber-attacks now “a national security threat”

Search engine giant’s Google Threat Intelligence Group reports that cybercriminal and state-backed cyber-attacks on the healthcare sector in countries such as the US and UK have escalated to a level where they are actually costing lives.

“Healthcare’s share of posts on data leak sites has doubled over the past three years, even as the number of data leak sites tracked by Google Threat Intelligence Group has increased by nearly 50% year over year. The impact of these attacks means that they must be taken seriously as a national security threat, no matter the motivation of the actors behind it,” says Google.

Healthcare News ransomware

0

20

‘Dark Unicorns’ target US healthcare

Ransomware attacks on the healthcare sector have risen by a third in 2024 with the US the prime target. Cybersecurity company Black Kite reports 374 incidents in the past year, a 32.16 percent rise in the number of attacks on the industry over 2023. Healthcare is now among the top targets for ransomware, surpassed only by manufacturing and professional services.

The rapid rise in ransomware attacks on the healthcare sector is the result of increasing ruthlessness on the part of ransomware gangs. Until relatively recently, some sectors, such as healthcare and education, were considered off-limits. According to Black Kite, if an affiliated criminal gang attacked a healthcare organization, the core ransomware group would frequently step in, apologizing to the victim organization -sometimes even decrypting the ransomed data for free.

Apple Malware News

0

20

MacOS users targeted by ‘infostealer’ malware

Apple computer users are suffering a growing number of ‘infostealer’ attacks across multiple regions and industries. These are a form of malicious software created to breach computer systems in order to steal sensitive information.

The Palo Alto Networks Unit42 research group has detected a 101 percent increase in macOS infostealers in the last two quarters of 2024. The researchers identified three particularly prevalent macOS infostealers: Poseidon, Atomic, and Cthulhu.

The developers of Atomic Stealer sell it as malware as a service (MaaS) in hacker forums and on Telegram. The Atomic Stealer operators usually distribute their malware via malvertising – the use of online advertising to spread malware. This typically involves injecting malicious or malware-laden advertisements into legitimate online advertising networks and webpages. It is capable of stealing notes and documents, browser data such as passwords, and cookies, cryptocurrency wallets, and instant messaging data. Atomic Stealer, also known as AMOS was first discovered in April 2023.

Big Tech Data Leak News

0

16

Bucket shop bargains for cybercriminals

Researchers have revealed current vulnerabilities in Amazon’s data storage services, the knock-on effect of which could potentially result in the biggest supply-chain attack in the internet’s history.

In November 2024, watchTowr Labs decided to show how a significant Internet-wide supply-chain attack could be caused by abandoned infrastructure left unattended and forgotten on the internet. The researchers chose to focus on an Amazon business data storage service, known as ‘S3 buckets’.

AI Big Tech News

0

16

Cybercriminals Weaponize Google AI assistant

Cybercriminals have been quick to see nefarious possibilities in search engine giant Google’s new Gemini 2.0 AI assistant. According to Google’s own findings, nation-state-backed threat actors are already leveraging Gemini to accelerate their criminal campaigns.

The actors are using Gemini 2.0 for “researching potential infrastructure and free hosting providers, reconnaissance on target organizations, research into vulnerabilities, payload development, and assistance with malicious scripting and evasion techniques,” says Google.

Arrest cybercrime News

0

14

Cybercrime forums span national boundaries

The bust of the illegal Cracked and Nulled crime forums evidences the global nature of cybercrime and the impossibility of seeing it as a threat that has no regard for national boundaries.

Although at least 17 million US citizens were victims of the crime forums. law enforcement agencies in the United States, Romania, Australia, France, Germany, Spain, Italy, and Greece were all involved in the bust, according to the US Department of Justice.

Healthcare News ransomware

0

16

‘Hellcat’ is new breed of cybercriminal

A ransomware gang, Hellcat, that emerged in 2024 is being seen as representative of a new type of threat actor using off-the-shelf malware and innovative extortion techniques.

According to cybersecurity company Cato Networks: “Hellcat’s emergence in 2024 marks a troubling shift in the landscape of cybercrime. By leveraging a ransomware-as-a-service (RaaS) model and utilizing double extortion tactics, Hellcat has not only increased the accessibility of ransomware but also heightened the psychological impact on its victims.”

AI Cybersecurity Executives Expert Opinions Featured SMB

0

27

Shoring up SMEs Cyber-Defenses

In an exclusive interview with Cyber Intelligence, CEO and co-founder of cybersecurity firm EyeR, Sean Tsvik, explains what small-to-medium-sized organizations (SMEs) can do to protect their systems and customers’ critical data from increasingly sophisticated cyber-attacks.
They should start by using a managed detection and response (MDR) service. That allows medium-sized organizations to protect themselves against increasingly sophisticated cyber-attacks without paying high salaries to in-house cyber experts. MDR services work out costing only a couple of dollars per endpoint and are by far the best starting point for small-to-medium-sized companies looking to strengthen their cyber defenses. Small organizations can also benefit from moving to the cloud as this leaves even fewer endpoints to secure.

0

15

Chinese AI offering rattles Big Tech investors

The start of this week saw roughly $1 trillion wiped off leading US tech stocks, following the launch of Deepseek, a Chinese rival to AI offerings such as Microsoft ChatGPT. What has really spooked the markets is that the Chinese artificial intelligence (AI) assistant uses less data and generates lower all-round costs than its current Silicon Valley rivals.

The expense of training and developing DeepSeek’s models is claimed to be only a small fraction of that required for OpenAI, putting into question the need to invest in the latest and most powerful AI accelerator chips from Nvidia. At the start of trading this week, Shares in Nvidia dropped a full10 percent and AI data analytics company Palantir lost seven percent in pre-market trading. Microsoft, Google’s parent company Alphabet, and Meta all also experienced a drop in their share price.

News One Minute Roundup

0

13

HPE Investigating Hacker Breach Claims – January 21st

Following claims from the IntelBroker group on BreachForums of having access to large amounts of Hewlett Packard Enterprise (HPE) company data, HPE has begun its investigations.

The breach allegedly includes private GitHub repositories, Docker builds, and source codes. Arctic Wolf researchers helped HPE uncover the potential breach, and are continuing to work on validating the claim.

News One Minute Roundup

0

12

Healthcare Attacks will not Slow Down in 2025 – January 22nd

According to a report by Netwrix, 84% of organizations in the healthcare sector faced a cyber attack in 2024 and predicts this will not slow down in 2025.

The report also found that nearly 70% of healthcare organizations have dealt with financial damages brought about by cyber incidents. Additionally, 21% reported a change in leadership due to the attacks last year.

Breaking News European Union News

0

14

The rising costs of DORA compliance

The European Digital Operational Resilience Act (DORA), which came into force on Friday, January 17, is already having unforeseen costs for organizations right across the financial sector. Although the act is the brainchild of the European Union (EU), the financial services industry has been global for some years, and firms in the US and the UK are also impacted. As of Friday, the new regulations now also apply to US companies providing financial services within the EU or catering to EU customers.

California-based cybersecurity company Rubrik has commissioned research that almost half of UK financial businesses report spending over €1 million each over the last two years in trying to comply with the new EU regulation. DORA mandates key provisions such as contractual safeguards and contingency plans to mitigate risks from partners and third parties. DORA compliance also requires regular testing of digital resilience and attack simulations.

News One Minute Roundup

0

13

Mercedes Benz Vulnerability Places Risk of Remote Access – January 20th

CERT-UA warns of attackers impersonating the agency via fake AnyDesk requests for “security audits.” Remote access should only occur with prior approval through official channels to mitigate these risks.

Amid ongoing cyberattacks linked to the Russo-Ukrainian war, over 1,042 incidents were detected in 2024, including espionage and malware campaigns by groups like Gamaredon and Sticky Werewolf. Pro-Russian and pro-Ukrainian actors continue targeting each other with phishing and credential theft efforts.

AI cybercrime Geopolitics News

0

21

WEF predicts perfect storm for cybercrime

The World Economic Forum (WEF) Global Cybersecurity Outlook 2025 reports that several compounding factors are creating an increasingly complex and risky business environment. These include the growing complexity of supply chains, rising geopolitical tensions, cybercriminal’s increasing use of artificial intelligence (AI), and the entry of traditional organized crime groups into cybercrime.

Ransomware remains the top organizational cyber risk year on year, with 45 percent of respondents ranking it as a top concern in this year’s survey. Over half of the large organizations surveyed worldwide, 54 percent, identified supply chain challenges as the most challenging barrier to achieving cyber resilience, citing the increasing complexity of supply chains, coupled with a lack of visibility and oversight into the security levels of suppliers.

China Cyber Espionage News

0

17

FBI unplugs Chinese hackers

The US Justice Department and FBI have completed a law enforcement operation to delete Chinese malware from approximately 4,258 U.S.-based computers and networks. The international operation was led by French law enforcement and France-based private cybersecurity company Sekoia.io.

According to court documents unsealed in the Eastern District of Pennsylvania, a group of hackers paid by the People’s Republic of China (PRC), known as “Mustang Panda” and “Twill Typhoon,” used a version of PlugX malware to infect, control, and steal information from victim computers. Since at least 2014, Mustang Panda hackers have infiltrated thousands of computer systems in campaigns targeting US victims, European and Asian governments and businesses, and Chinese dissident groups.

AI News ransomware

0

15

AI enables ransomware boom

A new ransomware group, named Funksec, is the latest example of relatively inexperienced cybercriminals using AI to develop weaponized malware. The group claims that over 85 organizations fell victim to its ransomware attacks in December alone, potentially surpassing every other ransomware group in terms of victim numbers.

According to Check Point Research: “FunkSec operators appear to use AI-assisted malware development which can enable even inexperienced actors to quickly produce and refine advanced tools…Presenting itself as a new Ransomware-as-a-Service (RaaS) operation, FunkSec appears to have no known connections to previously identified ransomware gangs.”

Cybersecurity Executives Expert Opinions Featured SMB

0

20

SMEs in urgent need of cybersecurity overhaul

In an exclusive interview with Cyber Intelligence, Brian Buiwe, Technology Specialist at Sage, explains how SMEs and other smaller organizations urgently need to re-address their approach to cybersecurity.

There is a huge knowledge gap among C-suite executives of small-to-medium-sized enterprises (SMEs), as well as among other professionals such as senior doctors and lawyers, where cybersecurity is concerned. Many do not yet grasp the urgent need for cybersecurity. The mainstream media has actually done a very poor job of keeping them informed of the growing threat facing all sectors.

China Geopolitics News

0

20

China ramps up cyber-attacks on the US

The latest US security breach attributed to systematic attempts by China to compromise US institutions and critical infrastructure has impacted the US Treasury. The intrusion is being billed as “a major cybersecurity incident”.

According to a letter from the US Department of the Treasury: “The threat actor was able to override the service’s security, remotely access certain Treasury Departmental Office user workstations, and access certain unclassified documents maintained by those users… Based on available indicators, the incident has been attributed to a China state-sponsored Advanced Persistent Threat (APT) actor.”

AI Cybersecurity Executives Expert Opinions Featured

0

27

Security minefield ahead for GenAI users

In an exclusive interview with Cyber Intelligence, Gadi Bashvitz, CEO of cybersecurity testing firm, Bright Security warns of the security challenges facing organizations in the wake of widespread adoption of GenAI.

Cyber Intelligence: Are there any specific dangers of which companies using GenAI to generate new code should be particularly aware?

Gadi Bashvitz: There are multiple considerations here. On one hand, any solution developed leveraging LLMs is prone to LLM-specific vulnerabilities such as Insecure Output Handling and Broken Access Control and it is critical to make sure organizations are aware and can detect such vulnerabilities before releasing LLM-based solutions.

Banking Threats Finance News

0

16

Ransomware gangs target law and accountancy firms

In what is bad news for law and accounting firms, the professional and technical services sector has now overtaken the manufacturing sector as the prime target for ransomware attacks of Q3 2024.

According to cybersecurity company Nuspire: “These firms handle highly sensitive client data, such as financial records, legal documents, and business strategies, making them prime targets for ransomware operators.”

Nuspire predicts that, with ransom demands averaging around $2.5 million a hit for law firms, ransomware operators will continue to target this sector as long as the potential rewards outweigh the effort. The situation is particularly dire for smaller practices, which may lack the resources to protect against today’s increasingly ruthless and sophisticated cyber-attacks.

News Vulnerability Workforce Cyber

0

19

Unsecured PCs and laptops put organizations at risk

Tech giant HP has issued a stark warning that most global organizations fail to secure the hardware and firmware of PCs, laptops and printers, “weakening cybersecurity posture for years to come.”

According to a new report from HP’s Wolf Security Unity, 68 percent of IT and security decision-makers (ITSDMs) report that investment in hardware and firmware security is often overlooked in the total cost of ownership (TCO) for devices.

“This is leading to costly security headaches, management overheads, and inefficiencies further down the line,” says HP.

Geopolitics News Russia

0

24

Russian cyber gangs escalate attacks on US

Two Russian groups, the People’s Cyber Army and Z-Pentest, claim to have taken attacks on critical infrastructure in the US to a new and more dangerous level. Dark web researchers at threat intelligence firm Cyble have discovered Telegram videos detailing attacks on US energy and water facilities far beyond the previously supposed capabilities of such groups.

Cyble believes that the two groups may be working in cooperation with one another. Previously, the People’s Cyber Army, which also goes by the name of the Cyber Army of Russia Reborn, and lesser-known groups such as Z-Pentest, have largely confined their attacks on US critical infrastructure to simple and easy-to-repel distributed denial of service (DDoS) attacks.

Analysis Data Leak Vulnerability

0

18

The data currency time bomb

Corporations are not only amassing huge amounts of personal data on their customers as never before but also trading that data, frequently without the customer’s knowledge. As yet, the general public is largely unaware of the uses to which their personal information is being put or whose hands it ends up in. At the same time, companies holding the data must tread an increasingly complex regulatory minefield.

According to Chris Diebler, Security VP at cybersecurity company DataGrail: “Companies are all terrified of not having enough data as data is the new currency. However, companies need to think seriously about reducing these vast mountains of data. The value of data must be balanced against the cost and security risk of maintaining it.”

Companies that fail to secure personal data effectively or trade customer data with third parties face considerable potential brand damage when the details are obtained by bad actors and they suffer identity theft or financial fraud as a consequence.

News One Minute Roundup

0

15

UK Takes Down Russian Money Laundering Ring – December 5th

The FBI warns the public about rising fraud schemes using generative artificial intelligence. The FBI observed that GenAI can be utilized by hackers to create fraudulent social media accounts, generate false websites to entice cryptocurrency investors, and create AI chatbots in order to lure victims into clicking malicious links.

News One Minute Roundup

0

12

INC Ransom Hits Three UK Health Orgs – December 4th

German authorities have made arrests linked to drug-selling platform Crimenetwork, seizing over $1 million in crypto assets. Crimenetwork is alleged to be the largest darkweb marketplace in the country and enabled users to buy and sell drugs, and offered illicit services such as the forging of documents and trading of stolen data.

Cybersecurity Executives Expert Opinions Vulnerability

0

13

How can companies deal with data overload?

Sanjaya Kumar, MD, is the CEO of cybersecurity company SureShield, Inc. Dr. Kumar has more than 25 years of healthcare compliance, risk management, and security experience. In an exclusive interview with Cyber Intelligence, he outlines the challenge presented by the current environment of data overload and some of the steps organizations should take to mitigate the associated risks from it.

News One Minute Roundup

0

15

Stoli Announces Bankruptcy after Ransomware – December 3rd

Vodka Manufacturing Group Stoli USA declares bankruptcy after a ransomware attack. In a filing on Nov 29, CEO Chris Caldwell states that the ransomware attack was one factor among several others that led them to the bankruptcy filing, including decades-long legal battles with the Russian government.

cybercrime News Retail

0

16

Seasonal cybercrime bonanza is under way

Cybercriminals now have an unprecedented of highly effective custom-made tools designed to defraud online retailers and shoppers during the holiday season.

“As we approach the end of 2024, the upcoming holiday season and events like Thanksgiving, Black Friday, Cyber Monday, and Christmas bring millions of shoppers online with attractive discounts and limited-time offers. They also create ideal conditions for cybercriminals to exploit users and shoppers,” warns threat intelligence firm FortiGuard in its report, Threat Actor Readiness for the Upcoming Holiday Season.

News Retail Vulnerability

0

24

Scammers circling Black Friday shoppers

Scammers have stolen £11.4 billion from UK citizens over the last 12 months. According to the Global Anti-Scam Alliance’s (GASA) latest report, The State of Scams in the UK, conducted in association with the UK’s leading fraud prevention service, Cifas, this represents an increase of £4 billion over the previous year.

With the Black Friday sales bonanza looming on both sides of the Atlantic, the findings come as a timely warning to online shoppers. GASA and Cifas anticipate a further spike in scam attempts this week and re-urging consumers to remain vigilant. The warning comes as 1 in 7 (15 percent) consumers surveyed said they lost cash to criminals in 2024, an increase from 10 percent in 2023. The average loss per victim was £1,400, and only 18 percent of victims recovered all their money.

Cyber Espionage News Vulnerability

0

16

US water supply threatened by cyber-attacks

The USA’s drinking water is under threat. According to the US Environmental Protection Agency (EPA), 97 drinking water systems serving around 27 million users have critical or high-risk cybersecurity.

Although the EPA’s latest report focuses on the potential financial costs of cyber-attacks, there is also strong evidence that such attacks could also result in significant loss of life, with thousands or even millions of people being deliberately poisoned by terrorists or a hostile foreign power.

“We estimate that a [California] state-wide water service disruption could potentially cost at least $61 billion in lost revenue per day,” says the EPA report, Cybersecurity Concerns Related to Drinking Water Systems.

AI Cybersecurity Executives Expert Opinions

0

14

Generative AI – the current state of play

In an exclusive interview with Cyber Intelligence, Mike Finley, the Co-Founder and CTO of AnswerRocket, a business intelligence platform that deals with big data and AI agents, explains what generative AI can do for companies right now.

AI is changing faster than people are capable of understanding. So the general misunderstanding of what AI can do is going to be a lasting problem. The fact is that key scientists believe AI is now capable of improving itself, meaning we are at the start of a runaway path forward. At AnswerRocket, our basic DNA is artificial intelligence (AI) to enable business intelligence (BI). This obviously took a new direction with the widespread introduction of generative AI, but our basic approach remains the same.

Cyber Espionage cybercrime News

0

14

Cybercriminals pose as law enforcement agencies

The US Federal Bureau of Investigation (FBI) has issued an urgent warning to business and law enforcement agencies that cybercriminals are using genuine stolen US and foreign government email addresses to hack into companies.

As of August this year, the FBI has observed an increase in posts on criminal forums relating to fraudulent emergency data requests. In August 2024, a cyber-criminal known to the FBI offered for sale, “High Quality .gov emails for espionage/social engineering/data extortion requests, etc”, that included official US credentials. The cyber-criminals also offered to guide buyers through emergency data requests and to sell real stolen subpoena documents to allow the buyer(s) to pose as law enforcement officers.

Business Email Compromise News Phishing

0

9

Copyright infringement scam goes global

Since July of this year, cybersecurity firm Check Point has been tracking an ingenious form of online fraud that is rapidly spreading across the US, Europe, East Asia and South America. The attackers impersonate dozens of legitimate companies, claiming the victim’s organization has infringed their copyright.

Weaponized emails, which appear to come from the legal representatives of the impersonated companies, accuse the recipient of misusing their brand on the target’s social media page and requesting the removal of specific images and videos. The phishing emails are typically sent from Gmail accounts and prompt recipients to download an archive file. which then installs the latest version of the Rhadamanthys infostealer stealer (version 0.7) in order to steal critical information from the victim’s organization.

Data Leak Human Error News

0

11

Disgruntled ex-Disney employee highlights insider threat

The Walt Disney Company, which has long had a history of troubled labor relations, recently found itself the victim of a disgruntled former employee. According to an affidavit in support of a criminal complaint against the former employee, Michael Scheuer, Disney discovered a security breach allegedly used to make its menus unusable, together with the redirection of QR codes to direct Disney customers to a website calling for a boycott of Israel.

More seriously, it alleged that the threat actor manipulated allergen information on Disney menus, indicating that certain menu items were safe for people with peanut allergies when, in fact, they could have been potentially deadly for some diners. Scheuer is also alleged to have conducted denial of service attacks on four former colleagues and to have paid visits outside the home of one of them.

Cybersecurity Executives Expert Opinions Healthcare Personal Services

0

14

The root of the problem for dentists

In an exclusive interview with Cyber Intelligence, Tom Terrenez, the chief executive of Medix Dental IT, describes the cyber-threats currently overwhelming many US dental practices. His warnings concerning data can be equally applied to doctors’ surgeries, upmarket beauticians and hairdressers, and other small businesses that provide personal services.

cybercrime Malware News

0

17

US is top target for mobile cybercrime

The US is the top target for cyber-attacks focusing on mobile devices and those connected by the Internet of Things (IoT) plus the operational technology (OT) systems than run facilities such as power plants.

According to cybersecurity firm Zscaler’s ThreatLabz 2024 Mobile, IoT, and OT Threat Report, mobile remains a top threat vector, with 111% growth in spyware and 29% growth in banking malware. Technology (18 percent), education (18 percent) and manufacturing (14 percent) continue to be the sectors most targeted by mobile malware. The education sector saw the most dramatic rise in blocked transactions, with a 136 percent increase on the previous year.

cybercrime News Vulnerability

0

11

Cybercriminals crack MFA defenses

Cybercriminals are now using social engineering techniques developed to crack passwords to break through multi-factor authentication (MFA) defenses, such as sending a code to another device, such as the user’s smartphone.

According to the UK’s National Cyber Security Centre (NCSC) report, Not all types of MFA are created equal…: “Attackers have realized that many of the same social engineering techniques that tricked us into handing over passwords can also be updated to overcome some methods of MFA. We’ve seen the success of attacks against MFA-protected accounts increasing over the past couple of years.”

cybercrime News Russia

0

14

GoldenJackal targets top-secret installations

An as-yet-unidentified group, known only as GoldenJackal with suspected links to the Russian state, is targeting high-security networks that are intentionally isolated from the internet. Confidential data is frequently stored in “air-gapped” computers that do not have an online connection and were, until now, virtually impossible to hack.

But cybersecurity firm ESET now reports that GoldenJackal was deploying “a highly modular toolset” against a government organization in a European Union (EU) country between May 2022 and March 2024. This follows similar ongoing attacks on air-gapped systems in Belarus that began in August 2019.

AI deepfake News

0

16

Insider attacks rise by over 50 percent

Insider attacks, where staff either deliberately or accidently compromise an organization’s security, are rising steeply. According to Cybersecurity firm, Gurucul, almost half of organizations, 48 percent, report that insider attacks have become increasingly common over the last 12 months. Just over half, 51 percent, experienced six or more such attacks in the past year.

Gurucul’s 2024 Insider Threat report identifies the major causes for the sudden spike in insider attacks: “The top three drivers behind the surge in insider attacks are complex IT environments (39 percent), the adoption of new technologies (37 percent), and inadequate security measures (33 percent).”

1
2
3
4
5
6