December 27, 2023 at 04:11AM Yakult Australia and New Zealand have confirmed a “cyber incident,” currently under investigation with cyber experts. The incident, detected in mid-December, has led to data leaks. A group named ‘DragonForce’ claims responsibility for the attack, leaking 95 GB of data, including company information and employee records. The offices remain operational … Read more
December 26, 2023 at 03:05PM Integris Health patients in Oklahoma are being targeted with blackmail emails following a cyberattack on the healthcare network. The attackers threaten to sell stolen patient data unless extortion demands are met. Integris Health confirmed unauthorized access to patient data and warns recipients not to respond to the emails or click … Read more
December 22, 2023 at 01:12PM Google has released an urgent update to address a critical vulnerability in Chrome, identified as CVE-2023-7024. This heap buffer overflow flaw in Chrome’s WebRTC module allows remote code execution. While the threat is significant, Chrome’s sandbox and site isolation features provide some protection. The bug also extends to Microsoft Edge, … Read more
December 21, 2023 at 02:11PM First American Financial Corporation, the second-largest title insurance company in the U.S., experienced a cyberattack, leading to the shutdown of certain systems. This California-based company, with over 21,000 employees and annual revenue of $7.6 billion, faced a $1 million penalty for cybersecurity violations in 2019. Similarly, Fidelity National Financial also … Read more
December 20, 2023 at 07:51AM Comcast’s Xfinity recently disclosed a data breach affecting approximately 36 million individuals to US authorities. Hackers accessed customer data, including personal details and hashed passwords. The breach possibly impacts all Xfinity customers and employees. The attack exploited a Citrix Netscaler ADC and Gateway vulnerability named CitrixBleed, despite Xfinity’s prompt patch … Read more
December 19, 2023 at 01:22PM The FBI and CISA released a joint Cybersecurity Advisory (CSA) to share known IOCs and TTPs linked to the ALPHV Blackcat ransomware. The advisory warns organizations of evolving tactics used by the threat actors, including advanced social engineering and remote access software deployment. It also provides mitigations and incident response … Read more
December 19, 2023 at 10:20AM Israel has identified Iran and Hezbollah as responsible for a cyberattack on Ziv Medical Center in Safed. The attack, orchestrated by Iran’s Ministry of Intelligence with Hezbollah’s involvement, resulted in the theft of 500GB of medical data. The Israel National Cyber Directorate confirmed the attack was thwarted, preventing disruption to … Read more
December 19, 2023 at 07:15AM MuddyWater, an Iranian cyber espionage group affiliated with Iran’s Ministry of Intelligence and Security (MOIS), has used a new command-and-control framework called MuddyC2Go in attacks on telecommunications sectors in Egypt, Sudan, and Tanzania. Symantec’s Threat Hunter Team, tracking the group as Seedworm, has observed the group’s use of various tools … Read more
December 19, 2023 at 06:51AM Comcast’s Xfinity informed customers of a cybersecurity breach due to the CitrixBleed vulnerability, compromising usernames, passwords, and personal information. Despite promptly patching the flaw in its systems, the breach was confirmed, prompting password resets and multi-factor authentication. The CitrixBleed vulnerability has been implicated in numerous global attacks, affecting various organizations. … Read more
December 19, 2023 at 06:03AM Mortgage giant Mr. Cooper is notifying 14.7 million individuals about a recent cyberattack that resulted in the theft of personal information. The attack, identified on October 31, led to the compromise of customer data including names, addresses, Social Security numbers, and bank account numbers. Mr. Cooper has taken steps to … Read more