November 30, 2025

Dark Light

Search

cybercrime Healthcare News

0

29

BlackCat gives go-ahead for healthcare attacks

Following actions taken against the infamous BlackCat ransomware group in December by the US Federal Bureau of Investigation (FBI), the cybercriminal gang has warned it is taking off the gloves in its fight with law enforcement. BlackCat previously took pride in regularly announcing that it does not encourage or support affiliates who target crucial sectors such as healthcare. But this approach has changed radically since the end of 2023.

“Since mid-December 2023, of the nearly 70 leaked victims, the healthcare sector has been the most commonly victimized. This is likely in response to the ALPHV Blackcat administrator’s post encouraging its affiliates to target hospitals after operational action against the group and its infrastructure in early December 2023,” said the FBI.

Automotive China News

0

30

Joe Biden to cripple China’s car industry

US President Joe Biden has dealt a potentially devastating blow to China’s tottering economy by accusing China’s auto industry of posing a serious cyber risk to US national security. An impassioned speech from the President concerning the cyber threat posed by China comes only weeks after a similar warning from the US Federal Bureau of Investigation (FBI) concerning China’s plans to launch a cyber-attack on US national infrastructure.

“China is determined to dominate the future of the auto market, including by using unfair practices. China’s policies could flood our market with its vehicles, posing risks to our national security. I’m not going to let that happen on my watch,” promises the President.

Cyber Espionage Geopolitics News

0

30

Geopolitical crises fuel cyber-attacks in the US

As geopolitical tensions and conflicts rise across the globe, so are cyber-attacks on critical Western infrastructure, particularly industrial facilities running on operation technology (OT) systems.

Ransomware attacks on industrial organizations increased by over 50 percent in 2023, according to a report by cybersecurity firm Dragos: OT Cybersecurity – 2023 in Review. Seventy percent of all ransomware attacks targeted 638 manufacturing entities in 33 unique manufacturing subsectors.

Dragos tracked a total of 21 threat groups targeting industrial organizations including three new threat groups: Gananite, Laurionite, and Voltzite. Dragos reports all three new groups as conducting diverse operations against various organizations, including cybersecurity research firms, government and military defense entities, rail, manufacturing, automotive, and utilities. Voltzite has been the most active of the three in targeting critical infrastructure.

News One Minute Roundup

0

11

US Energy Sector Receives a $45M Investment to Bolster Cybersecurity – February 27th

As part of the US Biden-Harris administration’s “Investing in America” agenda, the US energy sector received a $45M investment to bolster the sector’s cybersecurity infrastructure.

The announcement strengthens the US government’s initiatives to boost cybersecurity efforts for critical infrastructure, in light of attacks on US critical infrastructure.

News One Minute Roundup

0

10

I-Soon Leak Offers Glimpse Into Chinese Hacking Campaigns – February 22nd

The Chinese Police reported on a nation-state sensitive data leak on Chinese company, I-Soon.

The data uncovers in detail, methods used by Chinese authorities to surveil dissidents, and hacking networks across Central and Southeast Asia.

News One Minute Roundup

0

10

Facebook Marketplace User Data For Sale – February 14th

A cyber-criminal known as “algoatson” placed the data of over 200,000 Facebook Marketplace users for sale on Breach Forums, an illicit marketplace.

The Facebook Marketplace compromised user information including full names, passwords, Facebook IDs, emails, and phone numbers, which was claimed to be stolen on October 2023.

cybercrime News ransomware

0

30

Ransomware payments top US$1 billion in 2023

Last year, ransomware payments topped US$1 billion for the first time. According to a report from blockchain analyst firm Chainalysis, in 2023 ransomware gangs reached “an unprecedented milestone” in extorted cryptocurrency payments.

“This number does not capture the economic impact of productivity loss and repair costs associated with attacks. This is evident in cases like the ALPHV-BlackCat and Scattered Spider’s bold targeting of MGM resorts. While MGM did not pay the ransom, it estimates damages cost the business over US$100 million,” warns the report.

News One Minute Roundup

0

13

US Sanctions 6 Iranian Officials for Cyber Espionage Attacks – February 5th

The US Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions placed on six Iranian officials behind cyberattacks on US critical infrastructure entities.

The Treasury Department further stated all six officials have strong involvement in US critical infrastructure attacks using Israel-made programmable logic controllers and are suspected to span the water, healthcare, and public sectors.

Cyber Espionage Energy Sector News

0

20

Critical infrastructure under increased attack

France-based Schneider Electric became the latest utility company to succumb to a ransomware attack on January 17, when some of its business divisions serving several critical industries were taken down. Although access to the system was eventually re-opened on January 31st, the incident underlines the growing seriousness of cyber-attacks aimed at the West’s critical infrastructure. Schnieder Electric has an annual turnover of over 42 billion and employs over 150,000 people.

The ransomware attack on Schneider Electric coincides with news that, in the US, the Federal Bureau of Investigation (FBI) has recently neutralized a botnet controlled by a Chinese threat group. The White House had previously authorized the FBI to take down the botnet after federal agencies and private sector researchers had accused cyberespionage gang Volt Typhoon of a major campaign aimed at a wide range of the US’s critical infrastructure.

News One Minute Roundup

0

11

CISA and EPA Launch Water Sector Cyber Toolkit – February 2nd

CISA and EPA Launch Water Sector Cyber Toolkit Amid the recent string of critical water infrastructure cyber attacks, the Cybersecurity and Infrastructure Security Agency (CISA) and the Environmental Protection Agency (EPA) co-launched a toolkit to fortify the cybersecurity posture of water and wastewater systems in the United States. The water sector cyber toolkit serves as […]

News One Minute Roundup

0

20

Critical Sectors Faced 13 Cyber Attacks per Second in 2023 – January 30th

A Forescout Research – Vedere Labs report disclosed that over 420 million attacks were recorded between January and December 2023 in the medical, power, communications, waste, manufacturing, and transportation equipment sectors, amounting to 13 attacks per second.

Forescout’s report “2023 Global Threat Roundup” states that despite the ongoing surge in cyber attacks, the cybersecurity landscape remains optimistic considering proceedingly enhanced visibility and proactive defense strategies in the affected sectors.

News One Minute Roundup

0

8

Government Vulnerabilities Grow by 151% – January 26th

According to a Bugcrowd report, no other sector saw as much vulnerability growth as the government sector, which saw a 151% surge and a 58% rise in critical vulnerabilities.

Following the government sector were the retail (+34%), corporate services (+20%), and computer software (+12%) sectors.

News One Minute Roundup

0

12

Cyberattack Halts Albanian Parliament Data System – December 29th

Albania’s Parliament announced it was hit by a cyberattack targeting its data system, resulting in halting the Parliament’s services.

The Albanian Parliament assured that although disrupted, the data was not encrypted by the threat actors and that their services would go back online soon.

News One Minute Roundup

0

10

US White House Issues Executive Order to Improve Nation’s Cybersecurity – December 22nd

On December 21st, the U.S. White House issued Executive Order (EO) 14028, “Executive Order on Improving the Nation’s Cybersecurity,” which emphasized modernizing cybersecurity infrastructure by coding in more secure ways.

A more detailed excerpt from the Executive Order stated; “Software engineers, developers, and coders must build secure code and security controls into the code they create. They need to make security by design and security by default software-design requirements.”

News One Minute Roundup

0

9

The UK is at ‘High Risk’ of Ransomware Attacks – December 14th

The Joint Committee on National Security Strategy (JCNSS) published a report “A hostage to fortune: ransomware and UK National Security,” which revealed the UK’s lack of planning against ransomware attacks.

Targeted mainly at the critical cyber infrastructure of the UK government, the JCNSS report warns that a severe attack could disrupt the core of government services, healthcare, and child protection, which could lead to bringing the country to a ‘standstill’.

Energy Sector News Supply Chain

0

17

Top 10 US energy firms hit by 3rd-party attacks

Nine out of ten of the world’s leading energy companies, including the top ten US energy companies, experienced a third-party data breach sometime in the last 12 months. According to cybersecurity ratings company Security Scorecard, while only four percent of leading energy companies worldwide suffered a direct data breach, most were compromised via a supplier, contractor, or other third-party organization.

“Fueling the global economy and daily life, reliance on the energy sector elevates it as a prime target for cyberattacks. Amid economic and political uncertainties, concerns about safeguarding this vital sector intensified. Energy attacks not only result in financial losses and disruptions but ripple through manufacturing, healthcare, and transportation sectors,” says Security ScoreCard.

Aerospace News Phishing

0

18

US aerospace company hit by cyber-attack

An unknown threat actor has breached an as-yet-unnamed US aerospace company. According to BlackBerry, who first highlighted the attack, the threat actor’s weaponization of a phishing attack became operational around September 2022, with the offensive phase of the attack occurring almost a year later in July of this year.

The cybercriminals responsible, whom BlackBerry has christened “AeroBlade,” are believed to have used the intervening nine months to develop the additional resources necessary to ensure access to the aerospace company’s systems to exfiltrate potentially highly valuable information – pointing to a high degree of professionalism and persistence on the part of the attacker.

1
2