Astrix Security Banks $45M Series B to Secure Non-Human Identities

December 10, 2024 at 08:04AM Astrix Security, a startup focusing on securing non-human identities, has raised $45 million in Series B funding, totaling $85 million. Investors include Menlo Ventures, Workday Ventures, and BVP. The company addresses identity management challenges and has expanded its workforce significantly to serve major clients like Workday and Netapp. ### Meeting … Read more

Heart surgery device maker’s security bypassed, data encrypted and stolen

December 10, 2024 at 07:38AM Artivion reported a cybersecurity incident resembling a ransomware attack on November 21, 2024, resulting in data theft and file encryption. The company is investigating, has engaged external advisors, and is working to restore systems. The incident has disrupted operations but is not expected to impact finances significantly, aided by cyber … Read more

Phone Phishing Gang Busted: Eight Arrested in Belgium and Netherlands

December 10, 2024 at 06:54AM Belgian and Dutch authorities arrested eight suspects linked to a “phone phishing” gang operating from the Netherlands, targeting victims worldwide to steal financial data. Law enforcement executed 17 searches, seizing cash, firearms, and luxury goods. The crime network, involving call centers, profited millions from phishing and bank fraud. ### Meeting … Read more

Ransomware attack hits leading heart surgery device maker

December 9, 2024 at 06:03PM Artivion experienced a ransomware attack on November 21, disrupting operations and forcing some systems offline. The company is investigating the incident, involving external advisors, and has reported data encryption and theft. While most operational disruptions have been addressed, additional costs are expected, and no ransom demands have yet been claimed. … Read more

Microsoft NTLM Zero-Day to Remain Unpatched Until April

December 9, 2024 at 05:44PM Microsoft issued guidance to mitigate NTLM relay attacks following the discovery of a zero-day bug affecting all Windows versions, enabling credential theft through malicious files. The bug’s fix is anticipated in April. Organizations are advised to enable Extended Protection for Authentication (EPA) to strengthen defenses against these vulnerabilities. ### Meeting … Read more

Salt Typhoon recorded top US officials’ calls, says White House

December 9, 2024 at 02:08PM Chinese cyberspies, part of the Salt Typhoon campaign, reportedly recorded calls of senior US political figures, according to Anne Neuberger, deputy national security advisor. Eight US telecom providers were compromised, impacting government officials and corporate intellectual property. A Senate hearing will address the risks from such cyber intrusions. ### Meeting … Read more

Romanian energy supplier Electrica hit by ransomware attack

December 9, 2024 at 11:42AM Electrica Group is investigating an ongoing ransomware attack while ensuring that its critical systems remain unaffected. The company, which serves over 3.8 million customers, is collaborating with cybersecurity authorities to maintain electricity supply and protect data. Recent events include scrutiny of election vulnerabilities amidst widespread cyberattacks in Romania. **Meeting Takeaways: … Read more

Crooks stole AWS credentials from misconfigured sites then kept them in open S3 bucket

December 9, 2024 at 11:20AM Security researchers report an ongoing massive online heist targeting AWS customers, exploiting public website misconfigurations to steal source codes, credentials, and secrets. The criminal operation, linked to the Nemesis and ShinyHunters gangs, remains active. Misconfigurations allowing these breaches are attributed to customer oversight, not AWS itself. ### Meeting Takeaways 1. … Read more

Medical Device Maker Artivion Scrambling to Restore Systems After Ransomware Attack

December 9, 2024 at 09:06AM Artivion disclosed a ransomware attack on November 21, disrupting order and shipping processes. The company, which manufactures aortic-centric medical devices, took systems offline for investigation and remediation. While it believes the attack won’t materially affect finances, some remediation costs may not be insured. Details on the threat actor remain undisclosed. … Read more

Socks5Systemz Botnet Powers Illegal Proxy Service with 85,000+ Hacked Devices

December 9, 2024 at 07:07AM A botnet named Socks5Systemz operates the malicious proxy service PROXY.AM, enabling cybercriminals to mask their activities. Recent findings reveal its resurgence after losing control of its initial version. Meanwhile, the Gafgyt malware targets misconfigured Docker API servers, emphasizing the risks of cloud misconfigurations and the need for better security practices. … Read more