InfoSecBulletin Cybersecurity for mankind
In January, Atlantic General Hospital underwent a ransomware attack that compromised the PHI of thousands of people. However, according to the latest revelations, the actual number is five times greater than the initially disclosed one. In other news, the LetMeSpy Android stalkerware got hacked, exposing user information. Coming to the topic of ransomware, this relatively new ransomware, 8base, has amassed a good number of victims in just June. Read along to know more.
- Atlantic General Hospital
- A ransomware breach at Atlantic General Hospital in Maryland compromised the sensitive data of nearly 137,000 patients. This is five times more than the previously disclosed number of 30,700 victims.
- LetMeSpy
- The developer of the Android stalkerware LetMeSpy experienced a cyberattack, resulting in unauthorized access to user data. This includes email addresses, phone numbers, and message content. LetMeSpy was installed on around 10,000 devices.
- Cl0p ransomware group
- At least 131 organizations appear to have been impacted by the Cl0p ransomware group’s attacks against MOVEit Transfer. The threat actor listed 108 organizations, including seven U.S. universities.
- 8Base ransomware group
- The 8Base ransomware group has experienced a significant increase in activity since June. They have targeted multiple organizations worldwide and engaged in double-extortion attacks. So far, they have listed 35 victims on their extortion site.
- Triada trojan
- Check Point discovered a modified version of the Telegram Messenger app that contains the Triada trojan. This trojan can perform various malicious actions, such as stealing login credentials and signing up the user for paid subscriptions.
- Ukrainian cyber police
- Ukrainian cyber police raided nine fraudulent call centers involving over 200 operators running vishing campaigns. These operators were impersonating bank and other financial institution employees to obtain credit and debit card data.
- ThirdEye info-stealer
- FortiGuard Labs spotted ThirdEye, a new info-stealer that collects information from compromised Windows machines. This information could potentially be used in future cyberattacks.
- UAE and Israel cybersecurity project
- The UAE and Israel are collaborating on a cybersecurity project called “Crystal Ball”. This project aims to create a digital platform for sharing information. The project also involves Microsoft, Rafael Advanced Defense Systems, and CPX, with the participation of other countries.
- Cyera funding round
- Data security startup Cyera bagged a whopping $100 million in a Series B round led by Accel. Sequoia, Cyberstarts, and Redpoint Ventures also participated in the round.
- Astrix Security funding round
- Astrix Security, an access management platform for third-party app integrations, raised $25 million in a Series A funding round led by CRV. Bessemer Venture Partners and F2 Venture Capital also participated in the round.
First Half Of 2024 Report
Bangladeshi 32.4% government websites face cyber attack: NAS report
By infosecbulletin
/ Saturday , October 5 2024
National Attack Surface (NAS) report for the first half of 2024 reveals that 56.6% of cyberattacks in Bangladesh targeted educational...
Read More
Prince Ransomware Hits UK and US
By infosecbulletin
/ Saturday , October 5 2024
A new ransomware campaign is targeting individuals and organizations in the UK and US. The "Prince Ransomware" attack uses a...
Read More
CISA warns active exploit of Zimbra & Ivanti endpoint manager Vulns
By infosecbulletin
/ Friday , October 4 2024
CISA has issued an urgent alert about critical vulnerabilities being exploited in Synacor’s Zimbra Collaboration and Ivanti’s Endpoint Manager (EPM)....
Read More
A summary of “2024 State of Cybersecurity survey” by ISACA
By infosecbulletin
/ Friday , October 4 2024
ISACA 2024 survey report reveals that 66% of cybersecurity professionals find their jobs more stressful now than five years ago....
Read More
ISACA reveals
64% of Australian cybersecurity professionals feel increasing stress
By infosecbulletin
/ Friday , October 4 2024
A recent study by ISACA shows that almost two-thirds of cybersecurity professionals report increasing job stress. The 2024 State of...
Read More
Researchers detected 31 new Malware in September
By infosecbulletin
/ Friday , October 4 2024
In September, cybersecurity experts discovered 31 new ransomware variants that threaten individuals and businesses. These programs encrypt valuable data, making...
Read More
CRI Release New Ransomware Response Guidance
By infosecbulletin
/ Thursday , October 3 2024
New guidance on ransomware, released during this week's International Counter Ransomware Initiative (CRI) meeting, encourages victims to report attacks to...
Read More
ALERT
Over 700,000 Routers Vulnerable to Hack for 14 security flaws
By infosecbulletin
/ Thursday , October 3 2024
Over 14 new security flaws have been found in DrayTek routers for homes and businesses, which could allow attackers to...
Read More
Patch it now!
Critical Zimbra RCE flaw exploited: Needs Immediate Patching
By infosecbulletin
/ Wednesday , October 2 2024
Hackers are exploiting a recently revealed RCE vulnerability in Zimbra email servers that can be activated by sending specially crafted...
Read More
CISA Warns
Network switch RCE flaw impacts critical infrastructure
By infosecbulletin
/ Wednesday , October 2 2024
CISA warns of two serious vulnerabilities in Optigo Networks ONS-S8 Aggregation Switches, which could allow authentication bypass and remote code...
Read More
