January 2, 2024 at 12:33PM Xerox Business Solutions (XBS) U.S. division was hacked, with limited personal information possibly exposed. Xerox Corporation is working with cybersecurity experts to investigate and secure the IT environment. The attack has not affected operations, but sensitive data may have been stolen. Xerox assures it will notify affected individuals. This follows … Read more
December 28, 2023 at 10:54AM Kaspersky’s GReAT team uncovered a hidden iPhone feature, exploited through CVE-2023-38606, allowing attackers to evade memory protection. The issue affected iPhones on iOS up to 16.6 and may have been for testing or debugging. The team’s thorough analysis revealed a sophisticated attack vector, demonstrating how even advanced hardware protection can … Read more
December 27, 2023 at 05:17PM The Ohio Lottery experienced a cyberattack on Christmas Eve, disrupting some internal applications. Services are being restored, but mobile cashing above $599 and some winning numbers are unavailable. The lottery advises customers to check numbers at retailers, and smaller prizes can be cashed at retailers, while larger prizes require mailing … Read more
December 22, 2023 at 06:45AM The Donald W. Wyatt Detention Facility in Rhode Island experienced a data breach affecting around 2,000 inmates, staff, and vendors. The breach, which occurred in November, involved malware and data theft, compromising personal details like financial info, medical records, and Social Security numbers. The facility is providing affected individuals with … Read more
December 20, 2023 at 10:10AM The Israel National Cyber Directorate issued an urgent warning about a targeted email campaign impersonating F5 Networks, delivering dangerous wiper malware. The attacker capitalized on a critical F5 BIG-IP vulnerability, sending emails from “[email protected]” with an attached file named “update.zip.” The malware can delete F5 servers but cannot spread laterally. … Read more
December 2, 2023 at 11:54AM The HHS alerted U.S. healthcare organizations to patch the ‘Citrix Bleed’ vulnerability (CVE-2023-4966), as it’s actively exploited by ransomware gangs, bypassing security controls. Citrix and federal agencies urged immediate action. Despite a fix released in October, over 10,000 servers remain at risk, threatening the Health sector. Meeting Takeaways: 1. **Urgent … Read more
November 20, 2023 at 10:47AM The Rhysida ransomware gang has taken responsibility for a cyberattack on the British Library, causing an ongoing IT outage. They are auctioning off the stolen data and accepting bids for the next seven days. The FBI and CISA have warned of Rhysida’s attacks on various industries. HR documents have also … Read more
November 7, 2023 at 12:23PM The recent cyberattacks on MGM Resorts International and Caesars Entertainment highlight the impact of data breaches on organizations. The breach was orchestrated through social engineering tactics using information obtained from LinkedIn. The root cause of such breaches is the continued reliance on legacy sign-in credentials, which are easily compromised. In … Read more
October 26, 2023 at 12:21PM Kansas officials are investigating a massive computer outage in the state’s courts, which has been ongoing for two weeks. While the officials have not provided details, experts believe it could be a ransomware attack. The disruption has forced attorneys to use paper filing and has slowed down the entire court … Read more
October 26, 2023 at 10:56AM StripedFly is a sophisticated cross-platform malware that infected over a million Windows and Linux systems for five years. Kaspersky discovered it in 2022 and found evidence of its activity since 2017. The malware features TOR-based traffic concealing mechanisms, automated updating, worm-like spreading, and an exploit created before it was publicly … Read more