November 27, 2023 at 04:43PM Ardent Health Services experienced a ransomware attack in November, affecting its entire network and 30 hospitals across six states. Patient care was not disrupted, but some emergency cases are being redirected to other hospitals. Ardent has reported the attack, launched an investigation, and suspended user accounts. The restoration of access … Read more
November 27, 2023 at 11:23AM Slovenian power company Holding Slovenske Elektrarne (HSE) experienced a ransomware attack that affected its systems and encrypted files. However, the attack did not disrupt electric power production. HSE, the country’s largest power generation company, is considered critical infrastructure. The organization has taken measures to contain the attack, inform authorities, and … Read more
November 20, 2023 at 10:47AM The Rhysida ransomware gang has taken responsibility for a cyberattack on the British Library, causing an ongoing IT outage. They are auctioning off the stolen data and accepting bids for the next seven days. The FBI and CISA have warned of Rhysida’s attacks on various industries. HR documents have also … Read more
November 17, 2023 at 06:33AM Toyota Financial Services Europe & Africa confirmed being targeted in a cyberattack by the ransomware group Medusa. Unauthorized activity was detected in a limited number of locations and systems were taken offline. The group is threatening to distribute stolen data unless an $8 million ransom is paid. The attack may … Read more
November 15, 2023 at 02:24PM The Toronto Public Library (TPL) experienced a ransomware attack in October, resulting in the theft of personal information belonging to employees, customers, volunteers, and donors. The compromised file server contained data dating back to 1998, including names, social insurance numbers, birth dates, home addresses, and government-issued identification documents. The library … Read more
November 13, 2023 at 09:41AM Denmark experienced its largest-ever online attack on critical infrastructure in May, according to a report from SektorCERT. The attack affected 22 companies, with some forced to disconnect from the power network. Unpatched vulnerabilities in Zyxel firewalls were exploited, potentially by multiple groups including Russia’s Chief Intelligence Office. The attacks were … Read more
November 12, 2023 at 07:50PM Australia’s National Cyber Security Coordinator has labeled an attack on DP World, a logistics company, as a “nationally significant cyber incident.” The attack caused DP World’s technology infrastructure at four Australian ports to go offline, resulting in the closure of the facilities. DP World handles 40 percent of the containers … Read more
November 10, 2023 at 02:16PM The recent ransomware attack on the Industrial and Commercial Bank of China (ICBC) may be linked to a vulnerability in Citrix’s NetScaler technology. The vulnerability, known as “CitrixBleed,” allows attackers to steal sensitive information and hijack user sessions. It has a severity score of 9.4 out of 10 and has … Read more
November 10, 2023 at 10:32AM The Industrial & Commercial Bank of China (ICBC) has confirmed that it experienced a ransomware attack on November 8, which disrupted its services. The attack impacted certain financial services systems, including its ability to connect to DTCC/NSCC and settle U.S. Treasury trades for other market participants. ICBC is conducting an … Read more
November 9, 2023 at 03:07AM Russian cyberattack group Sandworm was responsible for the coordinated cyberattack and power outage in Ukraine last year, according to Mandiant’s threat intel team. The attack targeted a power plant, compromising its operational technology (OT) environment through a hypervisor hosting a supervisory control and data acquisition (SCADA) management instance. Sandworm executed … Read more