Stephanie Adlam

Henry Schein was hacked twice by BlackCat ransomware

Healthcare company Henry Schein is restoring systems after a ransomware group re-encrypted files during negotiations.

Henry Schein Global, a healthcare solutions provider, faced a persistent cybersecurity nightmare. The BlackCat/ALPHV ransomware gang is launching a second wave of attacks, claiming to have re-encrypted files after stalled negotiations. The company, headquartered in Melville, New York, is restoring systems. It happened after the cybercrime group took credit for an initial breach on October… Continue reading Henry Schein was hacked twice by BlackCat ransomware

Ethyrial: Echoes of Yore Ransomware Attack Wiped Player Accounts

A rare occasion of ransomware attack on a game developer led to the wipe of player accounts

“Ethyrial: Echoes of Yore” fell victim to a ransomware attack last Friday. The attack hit 17,000 player accounts, wiping them – a yet unseen outcome of a ransomware attack. Ransomware encrypted main server “Ethyrial: Echoes of Yore” On October 19, 2023, ransomware actors successfully attacked the main server of the Ethyrial: Echoes of Yore game.… Continue reading Ethyrial: Echoes of Yore Ransomware Attack Wiped Player Accounts

Dharma Ransomware Criminals Captured in Ukraine, Europol Reports

Another successful operation of law enforcement lead to the detainment of the Dharma ransomware group leader

On November 28, 2023, Europol claimed successful detainment of ransomware operators, particularly related to Dharma and Hive ransomware. The operation took place in 4 Ukrainian cities, and is most likely a continuation of a similar operation from 2021. Dharma Ransomware Actors Detained in Ukraine In the statement on the official website, Europol claimed searches in… Continue reading Dharma Ransomware Criminals Captured in Ukraine, Europol Reports

What is Catfishing? Explanation & Ways to Avoid

Any online communications with strangers have a risk of your contact not being a person it says it is

Catfishing appears to be the new-old approach in online phishing. While having less direct threat to the user, it may sometimes create even bigger problems, and inflict emotional damage. But how does it work? And what catfishing is, after all? Let’s find out. What is Catfishing? In brief, catfishing is the creation of a false… Continue reading What is Catfishing? Explanation & Ways to Avoid

InfectedSlurs Botnet Exploits Zero-Days to Spread Mirai Malware

InfectedSlurs Botnet deploys Mirai malware using unpatched vulnerabilities

The “InfectedSlurs Botnet,” a sophisticated cyber threat, has been uncovered by the Akamai SIRT in a recent development. This malware campaign utilizes zero-day exploits to propagate the notorious Mirai malware, posing a significant risk to vulnerable devices worldwide. InfectedSlurs Helps Mirai Botnet to Resurface The InfectedSlurs Botnet has strong ties to the infamous Mirai malware,… Continue reading InfectedSlurs Botnet Exploits Zero-Days to Spread Mirai Malware

Rude Stealer Targets Data from Gamer Platforms

Java-based stealer target gaming platforms

A newly discovered Java-based stealer named Rude has emerged, encapsulated within a Java Archive (JAR) file. It employs a range of sophisticated functionalities and focuses on stealing sensitive data from gaming platforms such as Steam, Discord, and other browsers. Rude Stealer Overview In early November 2023, researchers identified a malicious JAR file labeled “Stealer.jar” on… Continue reading Rude Stealer Targets Data from Gamer Platforms

Welltok Data Breach Exposes More Than 8 million Patients

Welltok's breach, affecting 8.5M patients, emphasizes the imperative for rigorous cybersecurity in safeguarding sensitive healthcare data.

Welltok, a healthcare Software as a Service (SaaS) provider, has reported unauthorized access to its MOVEit Transfer server, impacting the personal information of nearly 8.5 million patients in the United States. The breach, detected on July 26, 2023, has raised concerns about the security of patient data and has significant implications for healthcare providers across… Continue reading Welltok Data Breach Exposes More Than 8 million Patients

LitterDrifter – Russia’s USB Worm Targeting Ukrainian Entities

LitterDrifter USB worm is a cyber threat targeting Ukrainian entities, emphasizing the need for robust cybersecurity defenses worldwide.

LitterDrifter USB worm, intricately linked to the notorious Gamaredon group and originating from Russia. It has set its sights on Ukrainian entities, adding a concerning layer to the already complex world of state-sponsored cyber espionage. This USB worm, believed to be orchestrated by Russian actors, not only showcases the adaptability and innovation of Gamaredon but… Continue reading LitterDrifter – Russia’s USB Worm Targeting Ukrainian Entities

Apache ActiveMQ Vulnerability Exploited In The Wild

Hackers actively exploit the vulnerability in Apache ActiveMQ, detected back in October 2023

Recent Apache ActiveMQ vulnerability, that allows for remote code execution, is reportedly exploited in real-world attacks. Analysts noticed several exploitation cases that used this vulnerability to infect Linux systems with Kinsing malware. That is a rare sight of a high-profile vulnerability being exploited to infect exclusively Linux machines. Apache ActiveMQ Vulnerability Allows for RCE Analysts… Continue reading Apache ActiveMQ Vulnerability Exploited In The Wild

Zimbra Vulnerability Exploited in the Wild

Zimbra has patched a vulnerability exploited by several threat actors.

Google TAG’s recent discovery reveals a 0-day exploit, CVE-2023-37580, targeting Zimbra Collaboration. This is a Cross-Site Scripting (XSS) vulnerability exploited in four campaigns. Zero-day discovery was patched A severe vulnerability has been discovered in the Zimbra email software. Four hacker groups exploited vulnerabilities to steal email data, user credentials, and tokens. According to the Google… Continue reading Zimbra Vulnerability Exploited in the Wild