Cybersecurity

QR Code ‘Quishing’ Attacks on Execs Surge, Evading Email Security

Email attacks relying on QR codes surged in the last quarter, with attackers specifically targeting corporate executives and managers, reinforcing recommendations that companies place additional digital protections around their business leadership. Making matters worse, phishing emails using QR codes (aka “quishing”) can often get by spam filters, with attacks targeting users of Microsoft 365 and […]

Cybersecurity

Ransomware actors hit zero-day exploits hard in 2023

Dive Brief: Ransomware attacks inflicted more financial damage and hit more companies last year than ever before, according to Unit 42 and Chainalysis research. Victim organizations paid a collective $1.1 billion in ransom demands in 2023, the largest amount ever recorded, Chainalysis said in a Wednesday report on financially motivated criminal activity in cryptocurrency exchanges. Threat […]

Cybersecurity

Russian APT28 Hackers Targeting High-Value Orgs with NTLM Relay Attacks

Russian state-sponsored actors have staged NT LAN Manager (NTLM) v2 hash relay attacks through various methods from April 2022 to November 2023, targeting high-value targets worldwide. The attacks, attributed to an “aggressive” hacking crew called APT28, have set their eyes on organizations dealing with foreign affairs, energy, defense, and transportation, as well as those involved […]

Cybersecurity

Cybercriminals replace familiar tactics to exfiltrate sensitive data – Help Net Security

Ransomware attacks are increasing again as cybercriminals’ motivation shifts to data exfiltration, according to Delinea. The familiar tactics of crippling a company and holding it hostage have been replaced by new strategies that use stealth to exfiltrate private and sensitive data. Cybercriminals then frequently threaten to sell it to the highest bidder on the darknet […]

Cybersecurity

China-backed Hackers Hijack Software Updates to Implant “NSPX30” Spyware

A previously undocumented China-aligned threat actor has been linked to a set of adversary-in-the-middle (AitM) attacks that hijack update requests from legitimate software to deliver a sophisticated implant named NSPX30. Slovak cybersecurity firm ESET is tracking the advanced persistent threat (APT) group under the name Blackwood. It’s said to be active since at least 2018. […]