Arriving just a month after a paid ransom was demanded following the massive data breach in February 2024, Change Healthcare reported on another potential cyberattack: extortion from the "RansomHub" group. The double-extortion claim, made by the new group with suspected connections to BlackCat, has yet to be confirmed by cybersecurity experts.
Highlighting the severity of the University of Winnipeg data breach, cybersecurity consultant Kathy Knight asserts that the education sector is one of the most vulnerable to cyber attacks, potentially leading to significant data loss and privacy breaches. “The thing about universities is they’re very big, complex institutions … and they collect a lot of information and data that is very attractive to cyber criminals. So that puts them really, at the top of the list, in terms of attack targets,” she said.
Visa released an alert on the 'JSOutProx' remote access trojan (RAT) malware phishing campaign, which targets financial institutions and customers. The JSOutProx malware, linked to the 'Solar Spider' threat actor, delivers a RAT that could steal sensitive data, establish a C2 connection, and extract Outlook information, among others.
According to a report released by the Cloud Security Alliance and Google Cloud, 55% of all organizations plan to use AI to boost security by 2025. The "State of AI and Security Survey Report" also found that 67% of organizations have already tested AI-backed security capabilities and are pleased with them.
Corsica Technologies released a study that revealed mid-market companies invest 285% more in cybersecurity-managed services and sales growth. The study also revealed that 74% identified legacy software and 52% identified data integration as among the main challenges faced by mid-market companies.
Google agreed to remove billions of personal records amid the previously announced lawsuit accusing the tech giant of illegal surveillance. The personal records belong to approximately 136 million Google Chrome users. As part of the settlement, Google will also add more disclosures about the terms of its 'incognito mode' feature.
AT&T sent out a mass announcement to its customers, informing them that a dataset containing sensitive data from 7.6M current users and 65.4M former users is for sale on the dark web. To mitigate the breach, AT&T reset the passcodes of all its current users and will constantly communicate with customers to further protect accounts.
Following the US-led sanctions on Chinese individuals behind the Chinese APT31 group, the Police of Finland formally accused the group of hacking Finland's parliament in 2020. The country's law enforcement confirmed the connections between the breach and the Chinese group, claiming to have identified one specific suspect.
The 'INC Ransom' ransomware group publicly threatened to release three terabytes of sensitive NHS Scotland patient and staff data, after publishing a smaller sample to prove the viability of the threat. NHS Dumfries and Galloway's efforts to prevent the attack from being repeated are underway in collaboration with Police Scotland and the National Cyber Security Centre (NCSC).
A federal court in California earlier this week released documents that revealed Facebook's 2016 "Project Ghostbusters" campaign. The campaign was designed to mine Snapchat user data to better understand user behavior. The project was a part of Facebook's In-App Action Panel (IAAP) program, which used techniques to intercept and decrypt encrypted app traffic from Snapchat and, later, from YouTube and Amazon.
The Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions against seven Chinese nationals based in Wuhan, China, for their affiliation with the 'APT31' hacking group. According to OFAC, APT31 is a nation-state-backed Chinese hacking group focused on infiltrating critical infrastructure in Eastern Europe, France, and the US.
The UK's Deputy Prime Minister, Oliver Dowden, is expected to formally announce to the press that China is behind a wave of cyber attacks against UK government officials and will urge the protection of voters' data. Despite the denial from China's Ministry of Foreign Affairs, the UK government remains on high alert for politically fueled cyber attacks as the election period nears.
Microsoft's Threat Intelligence arm issued a warning on the rise of new, sophisticated tax phishing scams that could lead to stolen personal and financial data. These tax-related phishing scams are initiated by impersonating trusted employers, tax agencies, and payment processors. Victims click on a malicious attachment, which leads to a believable landing page designed to capture sensitive information.
The US Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about the Chinese-linked "Volt Typhoon" group, which is targeting critical infrastructure. The CISA warning, issued in collaboration with the National Security Agency (NSA) and the Federal Bureau of Investigation (FBI), confirmed the recent critical infrastructure attacks initiated by "Volt Typhoon" and described the group's tactics and motives.
Trend Micro reported on an advanced persistent threat actor linked to the Chinese government, called 'Earth Krahang', that has compromised over 70 organizations, with a focus on governments. Focused on cyber espionage, 'Earth Krahang' targets government agencies, and its attacks have affected 48 government organizations across Asia, the Americas, Europe, and Africa.