November 20, 2024 at 09:24PM A data breach at a French hospital compromised medical records of 750,000 patients, linked to a hacker known as ‘nears’. The threat actor claims access to over 1.5 million patient records and is selling access to multiple hospitals’ systems. Exposed data includes personal and medical information, raising phishing risks. ### … Read more
November 18, 2024 at 02:03AM Legal documents reveal that NSO Group exploited WhatsApp vulnerabilities to install Pegasus spyware, even after facing lawsuits from Meta. New vectors, like “Erised,” were developed to bypass defenses. NSO controls the spyware deployment, contradicting claims of client operation responsibility, with Apple enhancing security features against such breaches. ### Meeting Takeaways: … Read more
November 13, 2024 at 02:18PM American Associated Pharmacies (AAP) faces a potential ransomware attack by the Embargo group, claiming to have stolen 1.469 TB of data and demanding $1.3 million. AAP hasn’t confirmed the breach but reset all user passwords without explanation. The deadline to pay is November 20 to avoid data leaks. ### Meeting … Read more
November 12, 2024 at 05:07AM A coordinated IP spoofing attack targeted the Tor network by conducting port scans to get relays added to blocklists, aiming to disrupt its functionality. This incident highlights ongoing security threats faced by the network. **Meeting Takeaways:** 1. **Incident Overview**: There was a coordinated IP spoofing attack aimed at disrupting the … Read more
November 11, 2024 at 05:17PM Halliburton Company reported $35 million in losses following a ransomware attack in August. The breach, attributed to the RansomHub gang, led to unauthorized data access and system shutdowns. Despite the incident, Halliburton anticipates minimal financial impact, with only a $0.02 per share effect on adjusted earnings. Investigations continue. ### Meeting … Read more
November 11, 2024 at 10:28AM Halliburton faced a $35 million loss due to an August ransomware attack by the RansomHub gang, which led to IT shutdowns and customer disconnections. Despite the breach, the company anticipates limited financial impact, reporting only a minor effect on earnings. Ongoing investigations are examining the scope of stolen data. **Meeting … Read more
November 7, 2024 at 05:26AM Microlise experienced a cyberattack that disrupted vehicle tracking services for Serco, DHL, and other fleets, affecting tracking capabilities in prison vans and courier vehicles. **Takeaways from Meeting Notes:** 1. **Incident Overview:** Microlise experienced a cyberattack that disrupted its vehicle tracking services. 2. **Affected Services:** The disruption primarily impacted the tracking … Read more
November 6, 2024 at 07:04AM Unauthorized activity on the Washington courts network caused a cyberattack, resulting in the unavailability of websites and other services. This incident prompted concerns about cybersecurity within the state’s judicial systems. **Meeting Takeaways:** 1. **Incident Overview**: There was unauthorized activity detected on the Washington courts network. 2. **Impact**: This unauthorized activity … Read more
October 29, 2024 at 05:11PM The China-sponsored hacking group Evasive Panda has launched CloudScout, a sophisticated toolset to exploit stolen Web session cookies and access data from cloud services like Google Drive and Gmail. This post-compromise tool evades authentication checks and illustrates the group’s advanced cyberespionage skills targeting civil society and political entities. ### Meeting … Read more
October 29, 2024 at 02:00PM Free, France’s second-largest ISP, reported a cyberattack that compromised internal management tools and customer data, affecting over 19 million accounts. The hacker attempted to sell stolen data on the Dark Web. Free confirmed no sensitive information was compromised and has notified affected customers while filing a criminal complaint. **Meeting Takeaways: … Read more