Boat Dealer MarineMax Confirms Data Breach 

April 2, 2024 at 05:09AM MarineMax recently confirmed a ransomware attack led to a data breach affecting customers and employees. The attackers, known as the Rhysida ransomware group, have claimed to have stolen ‘limited data’, including personal information. MarineMax’s ongoing investigation aims to evaluate the extent of the incident’s impact on operations and financial condition. … Read more

Cybercriminals Weigh Options for Using LLMs: Buy, Build, or Break?

April 1, 2024 at 05:07PM Cybercriminals pose a threat by coercing legitimate AI models to turn malicious, but the greater danger lies in their creation of malicious chatbot platforms and the use of open source models. There are concerns about cybercriminals bypassing security measures to manipulate legitimate … Read more

Yacht retailer MarineMax discloses data breach after cyberattack

April 1, 2024 at 02:40PM MarineMax, a major yacht retailer, experienced a cyberattack in March that led to the theft of employee and customer data. Although the company claimed not to store sensitive data, a recent filing revealed that personal information was indeed compromised. The attacker, identified as the Rhysida ransomware gang, is attempting to … Read more

Nearly 3M people hit in Harvard Pilgrim healthcare data theft

April 1, 2024 at 10:52AM Harvard Pilgrim’s healthcare biz discloses a data breach affecting 2.9 million individuals. Personal data, including clinical information, was compromised. Credit monitoring and identity protection services are offered. Cisco faced critical vulnerabilities with potential denial of service attacks. A decade-old worm, TheMoon, resurfaces targeting end-of-life routers and IoT devices. Sellafield Ltd … Read more

AT&T admits massive 70m+ mid-March data dump is real, but claims it’s years old

April 1, 2024 at 08:43AM AT&T confirmed a data dump of 73 million customer records from 2019 or earlier, impacting both current and former customers. The information includes personal details such as names, contact information, Social Security numbers, and account credentials. While AT&T denies unauthorized system access, the source of the data remains uncertain, potentially … Read more

TheMoon Botnet Resurfaces, Exploiting EoL Devices to Power Criminal Proxy

March 29, 2024 at 09:09AM In March 2024, a dormant botnet, TheMoon, was found controlling EoL routers and IoT devices to power a criminal proxy service named Faceless. The service allows malicious activities to remain anonymous and has been used by threats like SolarMarker and IcedID to connect to their C2 servers. The majority of … Read more

US Offering $10 Million Reward for Information on Change Healthcare Hackers

March 28, 2024 at 07:06AM The US Department of State announced a $10 million reward for information on Alphv/BlackCat ransomware operators. The group has affected over 1,000 victims worldwide, including major organizations. Law enforcement took down BlackCat’s infrastructure in 2023, and the US is seeking information on the group and its affiliates’ malicious cyber activities. … Read more

INC Ransom claims responsibility for attack on NHS Scotland

March 28, 2024 at 06:30AM NHS Scotland contained a ransomware attack to a regional branch, preventing its spread across the institution. The INC Ransom group claimed responsibility, leaking sensitive patient and staff data. The Scottish Government is collaborating with law enforcement to assess the breach’s impact. Healthcare is a prime target for cybercriminals due to … Read more

‘Tycoon’ Malware Kit Bypasses Microsoft, Google MFA

March 27, 2024 at 01:01PM Threat actors are increasingly using the inexpensive and rapidly expanding phishing-as-a-service (PhaaS) platform, available for purchase through Telegram. This insight highlights the … Read more

Ransomware as a Service and the Strange Economics of the Dark Web

March 27, 2024 at 10:10AM Ransomware evolution in the past months includes LockBit’s blog takedown, BlackCat’s exit, and the emergence of smaller groups. The ecosystem functions as a complex supply chain with RaaS dominating large groups. Affiliate competition and recent takedowns are shifting the landscape, potentially leading to ecosystem fragmentation. Corporate security recommendations include extensive monitoring, patching … Read more