Security Affairs

OCTOBER 25, 2024

The Change Healthcare data breach in the February 2024 impacted over 100 million, the largest-ever healthcare data breach in the US. UnitedHealth Group announced that the data breach suffered by Change Healthcare in February 2024 impacted more than 100 million individuals.

Data breaches 126

Data breaches Healthcare Cybercrime Insurance 126

Security Affairs

JANUARY 26, 2025

In October 2024, UnitedHealth Group announced that the data breach suffered by Change Healthcare in February 2024 impacted more than 100 million individuals. Change Healthcare can confirm we are experiencing a cybersecurity issue perpetrated by a cybercrime threat actor who has represented itself to us as ALPHV/Blackcat.

Healthcare 126

Healthcare Data breaches Insurance Cybercrime 126

Security Affairs

NOVEMBER 4, 2024

The July 2024 ransomware attack that hit the City of Columbus, Ohio, exposed the personal and financial data of 500,000 individuals. On July 18, 2024, the City of Columbus, Ohio, suffered a cyber attack that impacted the City’s services.

Ransomware 112

Ransomware Identity Theft Data breaches Cyber threats 112

Security Affairs

MARCH 1, 2025

These individuals are members of a global cybercrime ring tracked as Storm-2139 by Microsoft. ” The IT giant started the investigation in December 2024 when Microsofts Digital Crimes Unit (DCU) filed a lawsuit in the Eastern District of Virginia alleging various causes of action against 10 unidentified individuals violating U.S.

Cybercrime 74

Cybercrime Technology Hacking Accountability 74

Security Affairs

JANUARY 11, 2025

The security breach exposed customer data and IDs between October 10 and November 10, 2024. After discovering the security breach, the company investigated the incident and notified law enforcement. We have determined that certain of our customers personal information and documents was acquired by the threat actors.”

Data breaches 110

Data breaches Retail Cybercrime Government 110

Security Affairs

APRIL 7, 2025

A 20-year-old man linked to the Scattered Spider cybercrime group has pleaded guilty to charges filed in Florida and California. ” Source News4Jax The charges relate to his alleged role in the Scattered Spider cybercrime group (also known as UNC3944 , 0ktapus ). .” In January 2024, U.S. ” reported News4Jax.

Cybercrime 64

Cybercrime Identity Theft Social Engineering Hacking 64

Security Affairs

MAY 27, 2025

Sophos states that DragonForce ransomware operators chainedthe three vulnerabilities, tracked as CVE-2024-57727 , CVE-2024-57728 , and CVE-2024-57726 , for initial access. DragonForce runs a cybercrime affiliate service, letting affiliates use its tools to launch attacks and extort victims.

Ransomware 100

Ransomware Software Retail Data breaches 100

Security Affairs

OCTOBER 20, 2024

CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog North Korea-linked APT37 exploited IE zero-day in a recent attack Omni Family Health data breach impacts 468,344 individuals Iran-linked actors target critical infrastructure organizations macOS HM Surf flaw in TCC allows bypass Safari privacy settings Two Sudanese (..)

Data breaches 115

Data breaches Cybercrime Cyber Insurance Marketing 115

Security Affairs

DECEMBER 30, 2024

On Wednesday, December 25, 2024, at 17:07 EST, the threat actor IntelBroker posted on X about releasing more data. We have analyzed the post data, and it aligns with the known data set from October 14, 2024.” At 17:40 EST, IntelBroker released 4.45 GB of data for free on BreachForums. ” reads the update published by Cisco.

Data breaches 121

Data breaches Cybercrime Authentication Technology 121

Security Affairs

FEBRUARY 10, 2025

The cybercrime group XE Group exploited a VeraCore zero-day to deploy reverse shells, web shells in recent attacks. A recent investigation by researchers from Intezer and Solis Security shed light on the recent operations of the XE Group. ” reads the analysis published by Intezer. and CVE-2025-25181 (CVSS score of 5.8)

Manufacturing 108

Manufacturing Cybercrime Passwords Authentication 108

Security Affairs

NOVEMBER 5, 2024

Canadian law enforcement agencies arrested a suspect, Alexander “Connor” Moucka (aka Judische and Waifu), who is accused of being responsible for a series of attacks relying on information stolen from the cloud data warehousing platform Snowflake earlier this year. Charges remain undisclosed.

Unstructured Data 118

Unstructured Data Media Hacking Cybercrime 118

Security Affairs

FEBRUARY 13, 2025

A November 2024 RA World ransomware attack on an Asian software firm used a tool linked to China-linked threat actors. During the attack in late 2024, the attacker deployed a distinct toolset that had previously been used by a China-linked actor in classic espionage attacks.” ” reads the report published by Broadcom. .

Ransomware 116

Ransomware Software Cybercrime Encryption 116

Security Affairs

JANUARY 10, 2025

In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. The malicious code was advertised on cybercrime forums for $3,000 per month.

Malware 118

Malware Advertising Antivirus Cybercrime 118

Security Affairs

DECEMBER 2, 2024

Operation HAECHI V (July-Nov 2024) targeted cyber frauds like phishing, romance scams, sextortion, investment fraud, online gambling, BEC, and e-commerce fraud. Operation Synergia II is a collaborative effort by INTERPOL, private sector partners, and 95 countries, that targeted phishing, ransomware, and infostealers from April to August 2024.

Cryptocurrency 124

Cryptocurrency Phishing Scams Cybercrime 124

Security Affairs

DECEMBER 25, 2024

dollars from the Japan-based cryptocurrency company DMM by North Korean cyber actors in May 2024.” dollars from the Japan-based cryptocurrency company DMM by North Korean cyber actors in May 2024.” ” reads the press release published by FBI. ” reads the press release published by FBI. BTC ($308M). FBI concludes.

Cryptocurrency 120

Cryptocurrency Social Engineering Hacking Cybercrime 120

Security Affairs

DECEMBER 4, 2024

The operation was carried out by Public Prosecutor’s Office in Frankfurt am Main, the Central Office for Combating Cybercrime (ZIT), and the Federal Criminal Police Office (BKA). Nearly $100M in cryptocurrency was traded on the platform from 2018-2024, with operators taking 1-5% commissions. Now in custody.

Cybercrime 112

Cybercrime Cryptocurrency Hacking Internet 112

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency 108

Cryptocurrency Hacking Phishing Cyber Attacks 108

Security Affairs

NOVEMBER 27, 2024

. “Operation Serengeti (2 September – 31 October) targeted criminals behind ransomware, business email compromise (BEC), digital extortion and online scams – all identified as prominent threats in the 2024 Africa Cyber Threat Assessment Report.” ” reads the press release published by INTERPOL.

Scams 117

Scams Cybercrime Ransomware Cyber threats 117

SecureWorld News

NOVEMBER 14, 2024

Ransomware attacks on healthcare organizations have sharply increased in 2024, as shown by recent research from Safety Detectives. Escalating Frequency and Impact: Healthcare services have become one of the most targeted industries, moving from the fifth most attacked sector in 2023 to third in 2024.

Healthcare 119

Healthcare Ransomware Identity Theft Data breaches 119

Security Affairs

NOVEMBER 10, 2024

CISA adds PTZOptics camera bugs to its Known Exploited Vulnerabilities catalog Canadian authorities arrested alleged Snowflake hacker Android flaw CVE-2024-43093 may be under limited, targeted exploitation July 2024 ransomware attack on the City of Columbus impacted 500,000 people Nigerian man Sentenced to 26+ years in real estate phishing scams Russian (..)

Ransomware 114

Ransomware Cybercrime Phishing Banking 114

Security Affairs

FEBRUARY 6, 2025

The investigation began in early 2024 after data stolen from a Madrid business association was leaked on dark web cybercrime forums. The hacker claimed responsibility for the attacks on multiple cybercrime forums under different monikers to avoid being identified. ” continues the press release.

Cybercrime 77

Cybercrime Government Data breaches Information Security 77

Security Affairs

APRIL 26, 2025

The man is accused of having installed the malware on the hospital computers on August 6, 2024. Security footage reportedly shows the man attempting to access multiple offices before installing malicious software designed to capture screenshots every 20 minutes and transmit them to an external IP address. Anthony Hospital.

Malware 145

Malware Cybersecurity Healthcare Media 145

Security Affairs

APRIL 15, 2025

Hertz Corporation disclosed a data breach after customer data was stolen via Cleo zero-day exploits in late 2024, affecting Hertz, Thrifty, and Dollar brands. Threat actors gained access to customer data via Cleo zero-day exploits in late 2024. In December 2024, the U.S.

Data breaches 63

Data breaches Ransomware Software Hacking 63

Security Affairs

NOVEMBER 18, 2024

On September 8, 2024, Great Plains Regional Medical Center (Oklahoma) suffered a ransomware attack. The healthcare center discovered that a threat actor accessed and encrypted files on their systems between September 5, 2024 and September 8, 2024. ” reads the notice of security incident published by the organization.

Ransomware 122

Ransomware Insurance Encryption Healthcare 122

Security Affairs

FEBRUARY 3, 2025

The February 2025 Android security updates addressed 48 vulnerabilities, including a kernel zero-day flaw exploited in the wild. The February 2025 Android security updates addressed 48 vulnerabilities, including a zero-day flaw, tracked as CVE-2024-53104 , which is actively exploited in attacks in the wild.

Media 112

Media Authentication Hacking Accountability 112

Security Affairs

OCTOBER 28, 2024

Free disclosed a cyber attack over the weekend after a threat actor attempted to sell the stolen data on a popular cybercrime forum. “This suspected data breach reportedly affects Free Mobile and Freebox customers, with the data leak dating back to October 17, 2024, according to the cybercriminals.”

Cyber Attacks 123

Cyber Attacks Telecommunications Data breaches Banking 123

Security Affairs

OCTOBER 13, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 114

Data breaches Cryptocurrency Cybercrime Artificial Intelligence 114

Security Affairs

NOVEMBER 17, 2024

CISA adds Palo Alto Networks Expedition bugs to its Known Exploited Vulnerabilities catalog Hackers target critical flaw CVE-2024-10914 in EOL D-Link NAS Devices China-linked threat actors compromised multiple telecos and spied on a limited number of U.S.

Cryptocurrency 109

Cryptocurrency Malware Hacking Ransomware 109

Security Affairs

DECEMBER 8, 2024

Anna Jaques Hospital completed the forensic investigation on November 5, 2024 and determined that the incident impacted 316,342 patients. While we conducted our investigation, out of anbundance of caution, on Janurary 24, 2024, Anna Jaques posted a notice on ther website.”

Data breaches 114

Data breaches Insurance Healthcare Ransomware 114

Security Boulevard

FEBRUARY 14, 2025

Meanwhile, an informal Tenable poll looks at cloud security challenges. And get the latest on ransomware trends and on cybercrime legislation and prevention! government is urging software makers to adopt secure application-development practices that help prevent buffer overflow attacks.

Banking 64

Banking Cybercrime Cybersecurity Ransomware 64

Security Affairs

DECEMBER 6, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds CyberPanelflaw to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA)added the CyberPanelflaw CVE-2024-51378 (CVSS score: 10.0) CISA orders federal agencies to fix this vulnerability byDecember 25, 2024.

DNS 108

DNS Authentication Ransomware Hacking 108

Security Affairs

DECEMBER 16, 2024

The company disclosed a data breach that exposed personal information and medical information of more than 900,000 individuals. The company discovered the security breach on May 12 and promptly began investigating into the incident. concludes the notice.

Data breaches 106

Data breaches Identity Theft Healthcare Insurance 106

Security Affairs

DECEMBER 7, 2024

The CEO of the Croatian Port, Duko Grabovac, told local media outlet Novi list that despite threats actors stole some data, the incident had no impact on the operations at the post.

Ransomware 121

Ransomware Hacking Accountability Cyber Attacks 121

Security Affairs

MARCH 21, 2025

Strategic Cyber Warfare In geopolitical conflicts, access to Telegram accounts and devices could provide military and intelligence advantages, such as intercepting sensitive communications, and identifying informants. Gaining access without cooperation from Telegram itself could be highly valuable.

Government 144

Government Surveillance Mobile Hacking 144

Security Affairs

JANUARY 11, 2025

1, 2024, while Anton Vyachlavovich Tarasov, remains at large. The indictment and arrests announced today, which follow the earlier takedown of the defendants criminal infrastructure, yet again demonstrate the value of our international partnerships in countering the global threat from cybercrime. and Sinbad.io Blender.io and Sinbad.io

Cybercrime 70

Cybercrime Cryptocurrency Hacking Ransomware 70

Security Affairs

MARCH 19, 2025

CCB discovered unauthorized activity on its IT systems on April 21, 2024, and promptly isolated the affected systems. An investigation revealed that an unauthorized party accessed or acquired files between April 20 and April 22, 2024. As a precaution, the company conducted a thorough review of potentially compromised files.

Data breaches 106

Data breaches Banking Insurance Hacking 106

Security Affairs

FEBRUARY 5, 2025

The International Civil Aviation Organization (ICAO) , a specialized agency of the United Nations, is investigating a significant data breach that has raised concerns about the security of its systems and employees data. Similar to the ICAO incident, the data has been leaked via one of the popular Dark Web communities on February 4, 2024.

Data breaches 97

Data breaches Information Security Hacking Marketing 97