Security Affairs

JANUARY 3, 2025

Richmond University Medical Center has confirmed that a ransomware attack in May 2023 affected 670,000 individuals. New York’s Richmond University Medical Center confirmed a May 2023 ransomware attack impacted 674,033 individuals. In May 2023, RUMC suffered a ransomware attack that caused a multi-week disruption.

Data breaches

Centraleyes

DECEMBER 16, 2024

Verizons Data Breach Investigations Report showed that 74% of security breaches involve a human element, with system administrators and developers accounting for most of these errors. Ransomware Still Reigns Supreme Ransomware attacks continue to plague organizations globally, and 2024 will be no different.

Cybersecurity

Krebs on Security

NOVEMBER 14, 2024

for stealing data on nearly 10 million customers of the Australian health insurance giant Medibank. Shefel claims his Sugar ransomware affiliate program was a bust, and never generated any profits. Sugar Locker), which targeted single computers and end-users instead of corporations. “Hi, how are you?” ” he inquired.

Advertising

Malwarebytes

JANUARY 6, 2025

A US chain of dental offices known as Westend Dental LLC denied a 2020 ransomware attack and its associated data breach, instead telling their customers that data was lost due to an accidentally formatted hard drive. In October 2020, Westend Dental was attacked by the Medusa Locker ransomware group.

Data breaches

The Last Watchdog

MAY 15, 2025

Small businesses make up 90% of all companies worldwide and account for half of global GDP. Once inside, they can disrupt operations, steal or sell data, launch fraudulent transactions, or install ransomware to demand payouts. In some cases, pre-built ransomware kits complete with instructions are sold for just a few hundred dollars.

Small Business

SecureWorld News

OCTOBER 28, 2024

UnitedHealth Group recently confirmed that a ransomware attack on subsidiary Change Healthcare has compromised the personal information and healthcare data of more than 100 million individuals. Guccione also underscores the importance of multi-factor authentication (MFA) as a safeguard for individual accounts, even in a credential leak.

Healthcare

Malwarebytes

OCTOBER 25, 2024

The attack on Change Healthcare, which processes about 50% of US medical claims, was one of the worst ransomware attacks against American healthcare and caused widespread disruption in payments to doctors and health facilities. OCR did this because of the cyberattack’s unprecedented impact on patient care and privacy. Take your time.

Healthcare

SecureWorld News

APRIL 23, 2025

Phishing accounted for nearly 25% of all breaches. The DBIR breaks down breach trends across industries: Financial and Insurance: Heavily targeted by credential stuffing and phishing; fastest detection rates. Public Sector: DoS attacks and ransomware remain major concerns. And it's not slowing down."

CISO

Security Affairs

OCTOBER 20, 2024

CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog Nation-state actor exploited three Ivanti CSA zero-days Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’ macOS HM Surf flaw in TCC allows bypass Safari privacy settings Iran-linked actors target critical infrastructure organizations (..)

Data breaches

SecureWorld News

MAY 2, 2025

Healthcare cybersecurity demand will be driven by ransomware resilience needs, FDA mandates for medical devices, and AI-powered threat detection," notes the Astute Analytica report. A primary catalyst is the sharp rise in ransomware and other attacks on hospitals and clinics. Regional outlook: where is growth happening?

Healthcare

Security Affairs

MAY 27, 2025

Nova Scotia Power confirms it was hit by a ransomware attack but hasn’t paid the ransom, nearly a month after first disclosing the cyberattack. Nova Scotia Power confirmed it was hit by a ransomware attack nearly a month after disclosing a cyber incident. The company revealed it hasnt paid the ransom. Nova Scotia Power Inc.

Energy and Utilities

Security Affairs

JANUARY 9, 2025

Medusind did not share details about the attack, it is unclear if the company was the victim of a ransomware attack. At this time, not ransomware gang claimed responsibility for the attack. The information impacted varies by individual.

Data breaches

Security Affairs

DECEMBER 17, 2024

The university did not share details about the attack, however, the Interlock ransomware gang claimed responsibility for the security breach. The ransomware group claimed the theft of 2.6 terabytes of data, including patient data, medical research, and a large set of SQL databases.

Data breaches

SecureWorld News

JULY 28, 2025

The threat actors are bypassing traditional endpoint protections by directly attacking the hypervisor layer, utilizing social engineering and identity compromise to hijack administrative access and deploy ransomware from within. He noted that the group is no longer focused on quick account takeovers, but rather full infrastructure compromise.

Social Engineering

Malwarebytes

FEBRUARY 4, 2025

And yet, if artificial intelligence achieves what is called an agentic model in 2025, novel and boundless attacks could be within reach, as AI tools take on the roles of agents that independently discover vulnerabilities, steal logins, and pry into accounts. These are real threats, but they are not novel. That could change in 2025.

Artificial Intelligence

Security Affairs

MAY 15, 2025

At this time, no ransomware group has claimed responsibility yet. The companies did not share technical details about the attack, however, experts speculate they have been targeted in a ransomware attack. On April 25, both companies found unauthorized access to parts of their network. or Caribbean utilities.

Data breaches

Security Affairs

MARCH 20, 2025

On September 9, 2024, the Rhysida ransomware group claimed responsibility for the security breach. The company started notifying potentially impacted individuals. .” ” continues the notification. PSEAprovided one year of free credit monitoring and identity restoration services to the impacted individuals.

Data breaches

Security Boulevard

JANUARY 24, 2025

Meanwhile, a report warns about overprivileged cloud accounts. And get the latest on ransomware trends; CIS Benchmarks; and data privacy. IT Governance) 3 - Google: Hackers shift sights to overprivileged cloud accounts Cloud accounts that have more privileges than they should are increasingly attracting the attention of hackers.

Banking

Security Affairs

MAY 5, 2025

Benefits and payroll solutions firm Kelly & Associates Insurance Group, aka Kelly Benefits, announced that the impact of a recently disclosed data breach is much bigger than initially estimated. ” The company did not share details about the attack, no ransomware group claimed responsibility for the intrusion.

Data breaches

Digital Shadows

NOVEMBER 26, 2024

Key Points Phishing incidents rose during the reporting period (August 1 to October 31, 2024), accounting for 46% of all customer incidents. Cloud services alerts increased by 20% due to rising cloud account usage, while malicious file alerts in phishing attacks remain high, exploiting users’ tendencies to open files.

Cyber Attacks

Centraleyes

JULY 27, 2025

Organizations must prepare for the technical audit by ensuring they meet all five CE+ control areas: Firewalls Secure configuration User access control Malware protection Security update management Version 3.2 technical testing with speed and precision.

Insurance

Malwarebytes

JULY 29, 2025

Insurance company Allianz Life was breached, exposing the data of most of its 1.4 However, in June, Google warned about a ransomware group that was specializing in voice phishing (vishing) campaigns that are specifically designed to compromise organizations’ Salesforce instances for large-scale data theft and extortion.

Social Engineering

Malwarebytes

JANUARY 20, 2025

Our business solutions remove all remnants of ransomware and prevent you from getting reinfected. Welcome to 2025 Stay safe! Want to learn more about how we can help protect your business? Get a free trial below.

Insurance

Webroot

FEBRUARY 21, 2025

Cybercriminals are constantly developing new malware , ransomware , and phishing attacks that can steal identities, encrypt memorable family photos and documents for ransom, and turn home computers into devices that criminals take over to send spam or steal data. Check what data these devices collect and adjust accordingly.

Identity Theft

Webroot

APRIL 22, 2025

Financial services industry: Banks, insurance companies and other financial organizations offer a wealth of opportunity for hackers who can use stolen bank account and credit card information for their own financial gain. They can open accounts in your name, apply for loans, and even file false tax returns.

Data breaches

Thales Cloud Protection & Licensing

OCTOBER 14, 2024

Looking at FinServ firms’ top threats, ransomware attacks against this sector continue to grow, with 18% saying they had suffered an attack. A lack of multifactor authentication (MFA) to protect privileged accounts was another culprit, at 10%, also 7 percentage points lower than average.

Financial Services

Centraleyes

MARCH 13, 2025

The New York Department of Financial Services (NYDFS) Cybersecurity Regulation, officially known as 23 NYCRR Part 500, is a forward-thinking framework designed to protect consumers sensitive data while holding businesses accountable for their cybersecurity practices. This plan is your playbook for staying calm under pressure.

Cybersecurity

Security Affairs

JULY 1, 2025

” The company confirmed that stolen data included names, Social Security numbers, medical and insurance info. “As a precaution, it is always good practice to remain vigilant against incidents of identity theft and fraud by reviewing account statements and monitoring free credit reports for suspicious activity and to detect errors.”

Data breaches

SecureWorld News

JULY 1, 2025

Ransomware-as-a-Service collectives go even further in allowing practically anyone to enact cyberattacks; the Play gang weaponized a 2025 Windows zero-day just days after it was introduced, bundling the exploit into its affiliate kit for paying customers. Even near misses erode institutional legitimacy and public trust.

Social Engineering

Digital Shadows

DECEMBER 5, 2024

Responses suggested exploiting the information for insider trading, with one forum member comparing the potential profits to those from ransomware. By contrast, the finance and insurance; professional, scientific, and technical services (PSTS); and retail trade sectors accounted for 8% each. Another user recommended blackmail.

Cybersecurity

Jane Frankland

JUNE 24, 2025

The UK Government’s refreshed Cyber Governance Code of Practice sets a clear direction with guidance, and is holding boards accountable for human cyber risk. They are ultimately accountable for ensuring their organization is resilient.” ( The Times , April 2024) This is not just rhetoric. The good news? Change is happening.

Cyber Risk

Jane Frankland

JANUARY 12, 2025

Ransomware remains a prominent threat, but the methods have evolved. Double extortion ransomware is now a preferred techniquea devastating one-two punch where attackers not only encrypt a companys data but also steal sensitive information. Cyber Insurance Cyber insurance will become an essential component of risk management strategies.

Cybersecurity

Trend Micro

JUNE 26, 2025

Completion rates can account for employees’ knowledge. Track employee behaviour change based on metrics like the overall risk of account compromise and the number of accounts with weak authentication. Under Attack? To drive engagement, you can offer employees incentives (e.g., gift cards) and add gamification strategies (e.g.,

Security Awareness

GlobalSign

JULY 14, 2025

Following success in hitting major retailers, they moved onto the insurance market , stealing critical datasets from a top insurance provider before potentially being the group behind a late-June attack on a major airline. From retail, to insurance, to aviation – it raises the question, who could be next?

Insurance

BH Consulting

APRIL 30, 2025

Exploitation of vulnerabilities surged by 34 per cent, and now account for 20 per cent of breaches. Ransomware rose significantly; it was present in 44 per cent of breaches and 31 per cent of incidents. Infosecurity Magazine led with the angle that ransomware is particularly affecting small businesses.

Data breaches

Trend Micro

JUNE 10, 2025

Each team can independently sign off on an image, ensuring accountability and reducing deployment risk. Worldwide 2023 Email Phishing Statistics and Examples BERT Ransomware Group Targets Asia and Europe on Multiple Platforms See all articles Trend Vision One™ - Proactive Security Starts Here.

Cyber Risk

BH Consulting

MAY 28, 2025

Drawing on reports from the World Economic Forum, the Verizon Data Breach Investigations Report and Hiscox Insurance, Brian painted a picture of what that dark side looks like. Ransomware and business email compromise are constant threats against many businesses. Supply chain breaches are also becoming more frequent.

Scams