Tag: incident response strategies

  • Hacker News: UnitedHealth says data of 100M stolen in Change Healthcare hack

    Source URL: https://www.bleepingcomputer.com/news/security/unitedhealth-says-data-of-100-million-stolen-in-change-healthcare-hack/
    Source: Hacker News
    Title: UnitedHealth says data of 100M stolen in Change Healthcare hack
    Feedly Summary: Comments
    AI Summary and Description: Yes
    Summary: The Change Healthcare ransomware attack represents one of the largest healthcare data breaches in recent years, affecting over 100 million individuals. Sensitive personal and medical information was compromised, resulting…

  • Cloud Blog: Investigating FortiManager Zero-Day Exploitation (CVE-2024-47575)

    Source URL: https://cloud.google.com/blog/topics/threat-intelligence/fortimanager-zero-day-exploitation-cve-2024-47575/
    Source: Cloud Blog
    Title: Investigating FortiManager Zero-Day Exploitation (CVE-2024-47575)
    Feedly Summary: Written by: Foti Castelan, Max Thauer, JP Glab, Gabby Roncone, Tufail Ahmed, Jared Wilson. Summary: In October 2024, Mandiant collaborated with Fortinet to investigate the mass exploitation of FortiManager appliances across 50+ potentially compromised FortiManager devices in various industries. The vulnerability,…

  • Wired: Exposed United Nations Database Left Sensitive Information Accessible Online

    Source URL: https://www.wired.com/story/un-women-database-exposure/
    Source: Wired
    Title: Exposed United Nations Database Left Sensitive Information Accessible Online
    Feedly Summary: More than 115,000 files related to UN Women included detailed financial disclosures from organizations around the world—and personal details and testimonials from vulnerable individuals.
    AI Summary and Description: Yes
    Summary: The incident concerning the exposed database from the…

  • The Register: ESET denies it was compromised as Israeli orgs targeted with ‘ESET-branded’ wipers

    Source URL: https://www.theregister.com/2024/10/18/eset_denies_israel_branch_breach/
    Source: The Register
    Title: ESET denies it was compromised as Israeli orgs targeted with ‘ESET-branded’ wipers
    Feedly Summary: Says ‘limited’ incident isolated to ‘partner company’. ESET denies being compromised after an infosec researcher highlighted a wiper campaign that appeared to victims as if it was launched using the Slovak security shop’s infrastructure.…

  • The Register: Ransomware gang Trinity joins pile of scumbags targeting healthcare

    Source URL: https://www.theregister.com/2024/10/09/trinity_ransomware_targets_healthcare_orgs/
    Source: The Register
    Title: Ransomware gang Trinity joins pile of scumbags targeting healthcare
    Feedly Summary: As if hospitals and clinics didn’t have enough to worry about. At least one US healthcare provider has been infected by Trinity, an emerging cybercrime gang with eponymous ransomware that uses double extortion and other “sophisticated” tactics…

  • Hacker News: European govt air-gapped systems breached using custom malware

    Source URL: https://www.welivesecurity.com/en/eset-research/mind-air-gap-goldenjackal-gooses-government-guardrails/
    Source: Hacker News
    Title: European govt air-gapped systems breached using custom malware
    Feedly Summary: Comments
    AI Summary and Description: Yes
    Summary: This text presents an extensive analysis of the GoldenJackal APT group’s cyberespionage activities, notably their attacks on air-gapped systems within governmental organizations in Europe. It introduces previously undocumented malware tools employed…

  • The Register: Cicada ransomware may be a BlackCat/ALPHV rebrand and upgrade

    Source URL: https://www.theregister.com/2024/09/04/cicada_ransomware_blackcat_links/
    Source: The Register
    Title: Cicada ransomware may be a BlackCat/ALPHV rebrand and upgrade
    Feedly Summary: Researchers find many similarities, and nasty new customizations such as embedded compromised user credentials. The Cicada3301 ransomware, which has claimed at least 20 victims since it was spotted in June, shares “striking similarities” with the notorious BlackCat…

  • Slashdot: Russian Government Hackers Found Using Exploits Made By Spyware Companies NSO and Intellexa

    Source URL: https://it.slashdot.org/story/24/08/29/1516226/russian-government-hackers-found-using-exploits-made-by-spyware-companies-nso-and-intellexa?utm_source=rss1.0mainlinkanon&utm_medium=feed
    Source: Slashdot
    Title: Russian Government Hackers Found Using Exploits Made By Spyware Companies NSO and Intellexa
    Feedly Summary:
    AI Summary and Description: Yes
    Summary: Google has uncovered evidence that Russian government hackers are utilizing exploits similar to those created by infamous spyware companies Intellexa and NSO Group. This situation illustrates how advanced…

  • Hacker News: Major Backdoor in RFID Cards Allows Instant Cloning

    Source URL: https://www.securityweek.com/major-backdoor-in-millions-of-rfid-cards-allows-instant-cloning/
    Source: Hacker News
    Title: Major Backdoor in RFID Cards Allows Instant Cloning
    Feedly Summary: Comments
    AI Summary and Description: Yes
    Summary: Quarkslab has uncovered a critical security vulnerability in contactless RFID cards manufactured by Shanghai Fudan Microelectronics Group, enabling attackers to clone these cards with mere physical proximity. This discovery raises significant…