Security Affairs

MARCH 24, 2025

The Cloak ransomware group claims responsibility for a cyberattack on the Virginia Attorney Generals Office that occurred in February. The ransomware group Cloak has claimed responsibility for a February cyberattack on the Virginia Attorney General Office. ” reads a report published by Halcyon.

Ransomware

eSecurity Planet

JULY 27, 2025

agencies have issued a joint cybersecurity alert warning about the escalating threat posed by the Interlock ransomware operation, which has increasingly targeted businesses, healthcare providers, and critical infrastructure entities across North America and Europe. Still, healthcare organizations have been frequent victims.

Healthcare

Security Affairs

APRIL 13, 2025

The ransomware group has since leaked the stolen data on its dark web leak site. They continue to monitor for potential data misuse and urge vigilance against fraud, phishing, and identity theft. Ransomware attacks on U.S. healthcare providers surged in 2024, with 98 attacks compromising 117 million records.

Data breaches

Security Boulevard

AUGUST 5, 2025

There’s no such thing as a routine day in healthcare IT anymore. While clinicians focus on saving lives, cybersecurity teams are fighting their own battles behind the scenes—battles against credential thieves, ransomware disruptions, phishing attacks and supply chain vulnerabilities that can knock entire hospital systems offline.

Healthcare

Malwarebytes

MAY 1, 2025

Phishing In phishing scams, cybercriminals trick people and businesses into handing over sensitive information like credit card numbers or login details for vital online accounts. In phishing attacks, there never is a genuine problem with a users account, and there never is a real request for information from the company.

Small Business

Hacker's King

DECEMBER 16, 2024

From ransomware to sophisticated state-sponsored attacks, no organization is immune. Types of Recent Cyber Attacks Ransomware Attacks : Ransomware continues to be one of the most prevalent and damaging types of cyber attacks. Simulated phishing exercises can help staff become more aware of these threats.

Cyber Attacks

eSecurity Planet

FEBRUARY 24, 2025

Over 200,000 internal messages from the notorious ransomware group Black Basta have surfaced online exposing deep divisions, ransom negotiations, and internal dysfunction. Cybersecurity experts are now poring over the data, uncovering a rare inside look at how one of the most feared ransomware groups operates and potentially unravels.

Ransomware

SecureList

NOVEMBER 29, 2024

The campaign, which we dubbed EastWind , used phishing emails with malicious shortcuts attached to deliver malware to target computers. The attack starts with phishing emails purporting to be a court order or summons from an institution in Colombia’s judicial system.

Energy and Utilities

Centraleyes

DECEMBER 16, 2024

Ransomware Still Reigns Supreme Ransomware attacks continue to plague organizations globally, and 2024 will be no different. Attackers are becoming more organized, with ransomware-as-a-service (RaaS) operations providing easy access to malicious tools for even novice cybercriminals.

Cybersecurity

SecureWorld News

JUNE 9, 2025

Additionally, a distributed workforce, ranging from remote maintenance technicians to cabin crews, multiplies entry points for social-engineering tactics like phishing. Ransomware is especially prevalent, with 55% of civil aviation cyber decision-makers admitting to being victims in the past 12 months.

Cybersecurity

eSecurity Planet

OCTOBER 15, 2024

While American Water has not disclosed the exact method of attack, such incidents often involve tactics like ransomware or phishing , where hackers gain access to sensitive systems and either steal or encrypt data, demanding a ransom in return for restoring access.

Cybersecurity

SecureWorld News

APRIL 23, 2025

As the report starkly states: "The three primary ways in which attackers access an organization are stolen credentials, phishing and exploitation of vulnerabilitiesacross every single industry." Phishing accounted for nearly 25% of all breaches. Healthcare: Insider threats and error-related breaches dominate. Speed matters.

CISO

IT Security Guru

FEBRUARY 25, 2025

Initial Compromise: Malefactors first gain access to the victims credentials through phishing, brute force attacks, or dark web marketplaces. Lateral Movement: Once inside, crooks may escalate privileges, exfiltrate sensitive data, or deploy ransomware and other malicious tools.

Social Engineering

Hacker's King

OCTOBER 19, 2024

Data breaches, ransomware attacks, and phishing schemes have become common occurrences, affecting everything from small businesses to multinational corporations. Whether it's financial institutions, healthcare providers, or e-commerce platforms, organizations are prime targets for hackers seeking sensitive data or financial gain.

Cybersecurity

SecureWorld News

NOVEMBER 13, 2024

MOVEit, a file transfer software developed by Progress Software, was exploited by the Cl0p ransomware group, which used a Zero-Day vulnerability to steal sensitive data from organizations using the software. The MOVEit data theft and extortion attacks in May 2023 impacted a significant number of individuals and organizations globally.

Data breaches

SecureWorld News

MAY 16, 2025

"Scattered Spider is a particularly tricky and stealthy distributed group of cybercriminals and is considered part of 'The Community,' a broader group of cyber adversaries engaged in everything from SIM swapping to ransomware using widely available RaaS platforms. Strengthen identity and access controls Enforce phishing-resistant MFA.

Retail

Security Affairs

AUGUST 9, 2025

Embargo ransomware, likely a BlackCat/Alphv successor, has netted $34.2M The Embargo ransomware group has processed $34.2M million in incoming transaction volume likely associated with the group, with most victims located in the United States (US) in the healthcare, business services, and manufacturing sectors.”

Ransomware

IT Security Guru

NOVEMBER 1, 2024

Types of Cybersecurity Threats Malware and Ransomware: These can disable systems or steal data for ransom. Phishing and Social Engineering: These tactics manipulate individuals to disclose sensitive information. The risk posed by these actors continues to grow as nations rely increasingly on interconnected digital infrastructure.

Technology

SecureWorld News

MAY 14, 2025

Top cybercrime categories: Phishing/spoofing: 193,407 complaints Extortion: 86,415 complaints Personal data breaches: 64,882 complaints Cryptocurrency-related scams: Nearly 150,000 complaints involved cryptocurrency, accounting for $9.3 Ransomware The IC3 recognized 67 new ransomware variants in 2024. billion in losses.

Cybercrime

Security Affairs

JANUARY 19, 2025

CISA adds Aviatrix Controllers vulnerability to its Known Exploited Vulnerabilities catalog ESET detailed a flaw that could allow a bypass of the Secure Boot in UEFI systems Russia-linked APT Star Blizzard targets WhatsApp accounts Prominent US law firm Wolf Haldenstein disclosed a data breach Clop Ransomware exploits Cleo File Transfer flaw: dozens (..)

Spyware

Security Affairs

DECEMBER 1, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime

Security Affairs

FEBRUARY 23, 2025

CISA adds Craft CMS and Palo Alto Networks PAN-OS flaws to its Known Exploited Vulnerabilities catalog Atlassian fixed critical flaws in Confluence and Crowd Salt Typhoon used custom malware JumbledPath to spy U.S.

Scams

SecureWorld News

JULY 1, 2025

The opening months of 2025 have been sobering for anyone who depends on electricity, water, transport, or healthcare, which is to say, everyone. Generative AI sustains sophisticated, multi-channel social engineering for phishing campaigns to gain access privileges to critical infrastructure. In February, U.S.

Social Engineering

Webroot

APRIL 22, 2025

Here are some of the most likely targets for access to consumer data: Healthcare organizations : Healthcare companies are a prime target for cybercrime due to the large amounts of sensitive data they store, which includes personal information and medical records. This makes it accessible to a worldwide network of criminals.

Data breaches

SecureWorld News

FEBRUARY 4, 2025

Notably, 2024 was unprecedentedly precarious with the second largest in history National Public Data breach and the biggest healthcare data breach to date with the massive attack on Change Healthcare. Cybercrime has been steadily on the rise for the past years. Nearly 3 billion records were stolen in the U.S., Canada, and the U.K.,

Marketing

BH Consulting

APRIL 16, 2025

Regulatory uncertainty remains a barrier, yet she urged industries to press forward responsibly, highlighting examples like robotic surgery and diagnostic algorithms that are transforming healthcare. He walked us through the evolution of ransomware from the early days of CryptoLocker in 1989 to modern AI-powered ransomware.

Risk

Thales Cloud Protection & Licensing

OCTOBER 16, 2024

In fact, according to the 2024 Thales Data Threat Report , more than 80% of organizations reported at least one breach in the last year, while ransomware attacks grew more frequent, with 28% of organizations reported experiencing an attack in 2024, compared to 22% in 2023. A host of threats continue to put enterprise data at risk.

DDOS

SecureList

NOVEMBER 28, 2024

Based on limited telemetry, we believe with medium to low confidence that some of the initial infections were spear-phishing emails. In this most recent campaign, the actor uses spear-phishing emails, embedding a JavaScript loader as the initial infection vector.

Malware

Security Affairs

MARCH 11, 2025

Hackers deploy various techniques, such as man-in-the-middle attacks, ransomware, phishing schemes, and supply chain compromises, to intercept, manipulate, or steal sensitive data. This technique is particularly useful in industries such as finance and healthcare, where regulatory compliance mandates strict data confidentiality.

Cybersecurity

Malwarebytes

FEBRUARY 3, 2025

Last week on Malwarebytes Labs: ClickFix vs. traditional download in new DarkGate campaign Cybercrime gets a few punches on the nose Microsoft advertisers phished via malicious Google ads The DeepSeek controversy: Authorities ask where does the data come from and how safe is it? Want to learn more about how we can help protect your business?

Healthcare

SecureWorld News

JULY 27, 2025

Finally, consumers buy the goods to perform card-not-present fraud, create synthetic identities, or phish fresh victims. The doorway most often used is phishing. Records show an 84% surge in infostealers delivered by phishing emails , showing a greater preference for cunning credential theft over brute-force hacking.

Phishing

Centraleyes

JULY 27, 2025

technical testing with speed and precision.

Insurance

BH Consulting

JUNE 30, 2025

Stolen data fuels the digital underworld, powering a criminal ecosystem that spans from online fraud and ransomware to child exploitation and extortion,” the agency said. The data spans all sectors but the healthcare sector in particular is hit hard. Links we liked If Troy Hunt can fall for a phishing scam, who’s safe?

Scams

Centraleyes

MARCH 20, 2025

Lets explore some notable use cases: Incident Response: A multinational company faced a ransomware attack that encrypted a portion of its servers. Phishing Campaign Detection: A healthcare provider used email traffic heat maps to identify unusual spikes in phishing emails targeting specific departments.

Cyber Attacks

Trend Micro

JUNE 26, 2025

To do this, you can run organizational surveys about security knowledge, conduct a baseline phishing simulation, and evaluate previous incidents. Under Attack? Set risk-based objectives Define outcome-driven goals depending on your people, processes and technology.

Security Awareness

The Last Watchdog

DECEMBER 15, 2024

Despite Russias selective crackdowns on ransomware groups, this trend poses escalating risks. treats ransomware as state-sponsored terrorism, countermeasures could become far more aggressive, reshaping the fight against cyber threats. MFA attacks, leveraging phishing and session hijacking, are set to rise. If the U.S.

Cybersecurity

Security Affairs

OCTOBER 27, 2024

Chinese cyber spies targeted phones used by Trump and Vance Irish Data Protection Commission fined LinkedIn €310M for GDPR infringement Change Healthcare data breach impacted over 100 million people OnePoint Patient Care data breach impacted 795916 individuals From Risk Assessment to Action: Improving Your DLP Response U.S.

Data breaches