Security Affairs

JULY 26, 2025

BlackSuit is believed to be a rebrand of Royal ransomware , which the FBI and CISA linked to the Conti cybercrime group, a major player in Russian cybercrime. The BlackSuit ransomware targeted various critical infrastructure sectors, including commercial facilities, healthcare, government, and manufacturing.

Ransomware

Security Affairs

NOVEMBER 29, 2024

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. and New Jersey, as well as organizations in the healthcare and other sectors nationwide. The attacks hit law enforcement agencies in Washington, D.C.

Ransomware

Security Affairs

DECEMBER 4, 2024

Black Basta has targeted at least 12 critical infrastructure sectors, including Healthcare and Public Health. Black Basta affiliates have targeted over 500 private industry and critical infrastructure entities, including healthcare organizations, in North America, Europe, and Australia.” reads the CSA.

Ransomware

Security Affairs

DECEMBER 8, 2024

Anna Jaques Hospital is a not-for-profit community healthcare facility located in Newburyport, Massachusetts. On January 19, the Money Messageransomware gang added the healthcare organization to its Tor leak site claiming the theft of 600GB of sensitive data, including PII and diagnoses.

Data breaches

Security Affairs

MARCH 10, 2025

They provide healthcare services including: primary care, geriatric medicine, vision care, behavioral health services, pediatrics, womens health, pediatric medicine, family planning and dental services. healthcare providers surged in 2024, with 98 attacks compromising 117 million records. Ransomware attacks on U.S.

Hacking

Malwarebytes

DECEMBER 2, 2024

The government’s indictment against Ptitsyn should dispel any notion that ransomware gangs only target the largest, richest, most robust corporations on the planet, as one Phobos affiliate allegedly extorted a Maryland-based healthcare provider out of just $2,300—possibly the lowest payment ever recorded. Create offsite, offline backups.

Ransomware

Security Affairs

NOVEMBER 6, 2024

Memorial Hospital and Manor is a community hospital and healthcare facility that serves Decatur County and surrounding areas in southwest Georgia. It offers a range of healthcare services, including emergency care, inpatient and outpatient services, surgical care, and specialized medical services. Ransomware attacks on U.S.

Ransomware

Security Affairs

APRIL 13, 2025

healthcare providers surged in 2024, with 98 attacks compromising 117 million records. High-profile breaches include Change Healthcare (100M records), Summit Pathology (1.8M), OnePoint Patient Care (796K), and Boston Childrens Health Physicians (909K). Ransomware attacks on U.S.

Data breaches

SecureWorld News

APRIL 14, 2025

The evolution of cybercrime is shifting into hyperdrive. For example, a non-profit project URLhaus uses a sophisticated system of rotating residential IP addresses to deploy automated website checkers, looking for malware and sharing the results with its community of security researchers.

Media

Security Affairs

MARCH 12, 2025

“The botnet exploits this vulnerability by injecting a payload that downloads and executes a cleartext shell dropper named dropbpb.sh, responsible for downloading the malware binaries and executing them on the compromised device.” 70) via HTTP on port 81. It processes encrypted data over a RAW socket, limiting further analysis.

IoT

Security Affairs

DECEMBER 21, 2024

Hulea pleaded guilty to computer fraud conspiracy and wire fraud conspiracy on June 20 for his role in the NetWalker ransomware attacks against organizations worldwide, including healthcare during COVID-19. The man admitted to extorting 1,595 bitcoin (~$21.5M) in ransom payments. ” reads the press release published by DoJ.

Ransomware

Security Affairs

DECEMBER 1, 2024

CISA adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog Thai police arrested Chinese hackers involved in SMS blaster attacks Zyxel firewalls targeted in recent ransomware attacks Malware campaign abused flawed Avast Anti-Rootkit driver Russia-linked APT TAG-110 uses targets Europe and Asia Russia-linked threat (..)

Cybercrime

Malwarebytes

MAY 1, 2025

In 2024, Malwarebytes found more than 22,800 phishing apps on Android, according to the recent 2025 State of Malware report.Disguised as apps such as TikTok, Spotify, and WhatsApp, these Android apps can trick victims into handing over their associated usernames and passwords when asking them to login. Create offsite, offline backups.

Small Business

Security Affairs

MARCH 7, 2025

Medusa demands ransoms from $100,000 to $15 million, victims are organizations in healthcare, non-profits, finance, and government sectors. The group targets known vulnerabilities, mainly in Exchange Server. The researchers speculate that the ransomware group relies on initial access brokers to access target infrastructure.

Ransomware

Webroot

MARCH 3, 2025

March is a time for leprechauns and four-leaf clovers, and as luck would have it, its also a time to learn how to protect your private data from cybercrime. Antivirus protection Software that protects against viruses and malware. Each year, the first week of March (March 2-8) is recognized as National Consumer Protection Week (NCPW).

Consumer Protection

Security Affairs

MARCH 2, 2025

” Qilin is a Russian-speaking cybercrime group operating a Ransomware-as-a-Service (RaaS) model since 2022. Qilin has targeted various sectors, including healthcare. Watch this spaceLee Enterprises is aware of whats in play.”

Ransomware

Security Affairs

JUNE 22, 2025

Iran confirmed it shut down internet to protect the country against cyberattacks Godfather Android trojan uses virtualization to hijack banking and crypto apps Cloudflare blocked record-breaking 7.3 Million people Watch out, Veeam fixed a new critical bug in Backup & Replication product U.S.

Data breaches

Security Affairs

NOVEMBER 18, 2024

The healthcare center discovered that a threat actor accessed and encrypted files on their systems between September 5, 2024 and September 8, 2024. On September 8, 2024, Great Plains Regional Medical Center (Oklahoma) suffered a ransomware attack. The experts believe that the attackers also copied some of those files.

Ransomware

Security Affairs

FEBRUARY 23, 2025

CISA adds Craft CMS and Palo Alto Networks PAN-OS flaws to its Known Exploited Vulnerabilities catalog Atlassian fixed critical flaws in Confluence and Crowd Salt Typhoon used custom malware JumbledPath to spy U.S. Military & Defense Sector: A Cybersecurity Disaster in the Making Analyzing ELF/Sshdinjector.A!

Scams

Security Affairs

JANUARY 19, 2025

CISA adds Aviatrix Controllers vulnerability to its Known Exploited Vulnerabilities catalog ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems Russia-linked APT Star Blizzard targets WhatsApp accounts Prominent US law firm Wolf Haldenstein disclosed a data breach Clop Ransomware exploits Cleo File Transfer flaw: dozens (..)

Spyware

Security Affairs

MARCH 24, 2025

The group has extended its operations to countries in Asia and targets various sectors, including healthcare, real estate, construction, IT, food, and manufacturing.” . “Cloak primarily targets small to medium-sized businesses in Europe, with Germany as a key focus. ” reads a report published by Halcyon.

Ransomware

Security Affairs

MAY 3, 2025

The ransomware gang hit organizations in multiple industries, including the education, healthcare, manufacturing, information technology, and government sectors. According to the gangs Tor leak site, at least 182 companies are victims of the operation. The victims of the group are targets of opportunity.

Government

Security Affairs

APRIL 5, 2025

The ransomware gang hit organizations in multiple industries, including education, healthcare, manufacturing, information technology, and government sectors. In September 2024, Port of Seattle confirmed that the Rhysida ransomware group was behind the cyberattack. The Rhysida ransomware group has been active since May 2023.

Data breaches

Webroot

APRIL 22, 2025

Here are some of the most likely targets for access to consumer data: Healthcare organizations : Healthcare companies are a prime target for cybercrime due to the large amounts of sensitive data they store, which includes personal information and medical records. If you do become a victim of identity theft, youll have 24/7 U.S.

Data breaches

Security Affairs

MARCH 26, 2025

Victims included organizations from different segments, including electronics, academia, religious organizations, defense, healthcare, technology, IT/MSP vendors, and government agencies. BlackLock Ransomware was named as one of the fastest-growing ransomware strains for today.

Ransomware

Security Affairs

APRIL 20, 2025

infrastructure International Press Newsletter Cybercrime Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks Threat actors misuse Node.js infrastructure International Press Newsletter Cybercrime Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks Threat actors misuse Node.js

Data breaches

Security Affairs

MAY 26, 2025

As of now, the ransomware group has not added the healthcare organization to its leak site. The company notified the US Department of Health and Human Services (HHS) that the data breach impacted 235,911 individuals. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,data breach)

Data breaches

SecureWorld News

JULY 27, 2025

Once they gain access through phishing or other channels, adversaries plant malware or ransomware. We're facing a new era of cybercrime fueled by malware-as-a-service (MaaS), and ransomware-as-a-service (RaaS). Vigilance, coupled with timely intelligence, remains the best bargaining chip in the fight against cybercrime.

Phishing

Penetration Testing

JUNE 15, 2025

It's actively targeting healthcare, construction, and engineering sectors. Anubis, a new RaaS, combines ECIES encryption with a "wipe mode" that permanently destroys files.

Encryption

SecureWorld News

JULY 10, 2025

The World Economic Forum warns that AI-powered cybercrime is among the top concerns shaping the 2025 threat landscape. In another case, a medical device manufacturer's firmware update system was targeted; malware was inserted into life-saving equipment (like pacemakers and insulin pumps), raising alarms about physical safety.

Manufacturing

Security Affairs

OCTOBER 27, 2024

Chinese cyber spies targeted phones used by Trump and Vance Irish Data Protection Commission fined LinkedIn €310M for GDPR infringement Change Healthcare data breach impacted over 100 million people OnePoint Patient Care data breach impacted 795916 individuals From Risk Assessment to Action: Improving Your DLP Response U.S.

Data breaches

Security Affairs

FEBRUARY 1, 2025

The New York Blood Center faced a ransomware attack on Sunday, forcing the healthcare organization to reschedule appointments. The New York Blood Center suffered a ransomware attack on Sunday, causing appointment rescheduling. The New York Blood Center (NYBC) is a community, nonprofit blood bank based in New York City.

Ransomware

Security Affairs

JUNE 6, 2025

Details in our flash alert on CATALYST: [link] pic.twitter.com/oRHQzzIph8 — PRODAFT (@PRODAFT) June 6, 2025 The Qilin ransomware group has been active since at least August 2022 but gained attention in June 2024 for attacking Synnovis , a UK governmental service provider for healthcare.

Ransomware

BH Consulting

JUNE 30, 2025

The annual report from Europol’s European Cybercrime Centre draws upon thousands of investigations that Europol supported over the past year. The data spans all sectors but the healthcare sector in particular is hit hard. Forescout’s VP of security intelligence Rik Ferguson said the figure was probably a conservative estimate.

Scams

Security Affairs

JUNE 25, 2025

The healthcare organization disclosed a data breach that impacted 101104 individuals. With over 30 locations across multiple counties—including in-school clinics and community centers—it provides comprehensive primary medical, dental, and behavioral health services.

Data breaches

Jane Frankland

JANUARY 12, 2025

Threat Actors Cybersecurity threats are growing more complex and persistent, driven by the heightened activities of nation-state actors and increasingly sophisticated cybercrime groups. Organised Cybercrime Groups Up Their Game Cybercriminals arent resting on old tactics with cybercrime expected to hit $12 trillion in 2025.

Cybersecurity

SecureWorld News

DECEMBER 27, 2024

Ransomware Targets Critical Infrastructure: Ransomware attacks will increasingly focus on critical infrastructure, including healthcare, utilities, and transportation, leading to potentially catastrophic consequences. The demand for skilled professionals will outpace supply, making talent retention and training critical priorities.'

Cybersecurity