Tag: breach
Microsoft 365 accounts are being compromised worldwide
A vast botnet of over 130,000 compromised devices is now attacking Microsoft 365 accounts worldwide. A botnet is a network of computing devices that have been surreptitiously taken over by hackers and are being controlled remotely without the owners’ knowledge. Microsoft 365 accounts are suffering from ‘password spray attacks’ by the botnet. This involves mass attempts to use large numbers of common passwords to infiltrate users’ Microsoft accounts, targeting basic authentication procedures and thereby bypassing multi-factor authentication.
‘Dark Unicorns’ target US healthcare
Ransomware attacks on the healthcare sector have risen by a third in 2024 with the US the prime target. Cybersecurity company Black Kite reports 374 incidents in the past year, a 32.16 percent rise in the number of attacks on the industry over 2023. Healthcare is now among the top targets for ransomware, surpassed only by manufacturing and professional services. The rapid rise in ransomware attacks on the healthcare sector is the result of increasing ruthlessness on the part of ransomware gangs. Until relatively recently, some sectors, such as healthcare and education, were considered off-limits. According to Black Kite, if an affiliated criminal gang attacked a healthcare organization, the core ransomware group would frequently step in, apologizing to the victim organization -sometimes even decrypting the ransomed data for free.
HPE Investigating Hacker Breach Claims – January 21st
Following claims from the IntelBroker group on BreachForums of having access to large amounts of Hewlett Packard Enterprise (HPE) company data, HPE has begun its investigations. The breach allegedly includes private GitHub repositories, Docker builds, and source codes. Arctic Wolf researchers helped HPE uncover the potential breach, and are continuing to work on validating the claim.
Women break glass ceiling of Russian cybercrime
Women cybercriminals and lady Darknet hackers are now starting to make inroads into the hitherto male-dominated fraternities of Russian-speaking cybercrime. According to the cybersecurity training and certification cooperative, the SANS Institute, women cybercriminals sometimes now pose as men in order to obfuscate their identities as well as to gain credibility among Russian-speaking criminals. The SANS Institute interviewed one such woman cybercriminal, who is referred to only as a "Confidential Human Source (CHS)" in order to comply with her request for anonymity. “I often took my boyfriend to in-person meetings,” CHS revealed, shining a new light on a so-far largely unrecognized aspect of cybercrime, the fact that cybercriminals meetings are frequently also conducted offline.
Ransomware gang turns SEC informant
When a top mob boss turns his co-criminals over to the authorities, the US Federal Bureau of Information labels him a ‘stool pigeon.’ Similarly, the AlphaV ransomware gang is turning informer, not on its rivals but on its victims. In what is a likely portent of things to come, the gang has had the nerve to inform on MeridianLink (MLNK) to the United States Securities and Exchange Commission (SEC) for being slow to report a ransomware attack that they themselves had initiated earlier in the month.