InfoSecBulletin Cybersecurity for mankind
LockBit strikes once more! Two non-profit hospitals in New York have been targeted by a ransomware group, plunging them into a difficult struggle for recovery. The Scattered Spider threat group targeted yet another casino and hotel chain, unleashing a devastating ransomware attack. Caesars Entertainment’s loyalty program database was breached by the attackers. The consequences of previous data breaches have a way of haunting us in the present. Last year’s breach has led to a similar situation for LastPass users. Here are the top 10 highlights from the past 24 hours.
- In a recent cyberattack, the notorious LockBit ransomware group successfully infiltrated two prominent hospitals in New York: the Carthage Area Hospital and Claxton-Hepburn Medical Center. The aftermath of this malicious breach has gravely disrupted their crucial services, compelling them to divert patients and reschedule vital appointments.
ALSO READ:
Microsoft Patches Four Critical Azure and Power Apps Vulns
By infosecbulletin
/ Friday , May 9 2025
Microsoft has fixed critical vulnerabilities in its core cloud services, including Azure Automation, Azure Storage, Azure DevOps, and Microsoft Power...
Read More
Qilin Ransomware topped April 2025 with 45+ data leak disclosures
By infosecbulletin
/ Thursday , May 8 2025
The cyber threat landscape is rapidly changing, with a notable increase in ransomware activity in April 2025, driven by the...
Read More
SonicWall Patches 3 Flaws in SMA 100 Devices
By infosecbulletin
/ Thursday , May 8 2025
SonicWall has released patches for three security flaws in SMA 100 Secure Mobile Access appliances that could allow remote code...
Read More
Top Ransomware Actively Attacking Financial Sector: 406 Incidents Disclosed
By infosecbulletin
/ Thursday , May 8 2025
From April 2024 to April 2025, Flashpoint analysts noted that the financial sector was a major target for threat actors,...
Read More
Critical (CVSS 10) Flaw in Cisco IOS XE WLCs Allows RRA
By infosecbulletin
/ Thursday , May 8 2025
Cisco has issued a security advisory for a critical vulnerability in its IOS XE Software for Wireless LAN Controllers (WLCs)....
Read More
CVE-2025-29824
Play Ransomware Exploited Windows CVE-2025-29824 as Zero-Day
By infosecbulletin
/ Wednesday , May 7 2025
Attackers linked to the Play ransomware operation deployed a zero-day privilege escalation exploit during an attempted attack against an organization...
Read More
Hacker exploited Samsung MagicINFO 9 Server RCE flaw
By infosecbulletin
/ Wednesday , May 7 2025
Hackers are exploiting an unauthenticated remote code execution vulnerability in the Samsung MagicINFO 9 Server to take control of devices...
Read More
CISA adds Langflow flaw to its KEV catalog
By infosecbulletin
/ Tuesday , May 6 2025
CISA added the Langflow vulnerability, CVE-2025-3248 (CVSS score 9.8), to its Known Exploited Vulnerabilities catalog. Langflow is a popular tool...
Read More
Google Fixes Android Flaw (CVE-2025-27363) Exploited by Attackers
By infosecbulletin
/ Tuesday , May 6 2025
Google has released its monthly Android security updates, addressing 46 vulnerabilities, including one that has been actively exploited. CVE-2025-27363 (CVSS...
Read More
UAP hosted “UAP Cyber Siege 2025”, A national level cybersecurity competition
By infosecbulletin
/ Tuesday , May 6 2025
The Cyber Security Club, representing the Department of Computer Science and Engineering at the University of Asia Pacific (UAP), has...
Read More
- According to Trend Micro, the threat groups responsible for RedLine and Vidar have been employing identical techniques to propagate both ransomware and info-stealers. The attackers are using Extended Validation (EV) code signing certificates to sign the malware.
- LastPass users are in danger of falling victim to a highly persuasive phishing email, which resembles the aftermath of last year’s security breach. The email asks users to verify their personal data or risk losing access to certain features.
- The personal information of thousands of officers from Greater Manchester Police in the U.K. has been compromised due to a ransomware attack on a third-party supplier. Although sensitive details such as financial information and home addresses remained untouched, there is a possibility that the personal information of undercover officers was compromised.
