X-Industry

Nearly 400,000 people had sensitive healthcare information stolen by hackers during a 2023 cyberattack on a company that supports eye clinics.  Colorado-based Panorama Eyecare told regulators in Maine and Massachusetts that 377,911 current and former patients and employees had data stolen; including names, Social Security numbers, dates of birth, license numbers, financial account information, dates of service and medical provider names.

Panorama Eyecare owns or provides services to dozens of op

The US government announced on 05 June 2024 that it had filed a civil forfeiture action to recover more than $5.3 million lost by a Massachusetts workers union in a business email compromise (BEC) scam.  The unnamed union in Dorchester lost the money in January 2023 when cybercriminals sent it an email that appeared to come from a trusted investment consulting firm.   The scammers used a spoofed email address to trick the workers union into believing that the investment consulting firm was reque

A recent post on ClearanceJobs (https://www.clearancejobs.com), the most significant career network for professionals with federal government security clearance, listed the "10 Highest Paying Tech Jobs in 2024 and Beyond."

What was interesting: 1) The number of these jobs that did not exist 10, five, or even one or two years ago; and 2) How many of the roles are tied to cybersecurity directly or indirectly.[1]

Here is the list (you can check the link above for specific job details):

1. Data Scient

The Spam and Open Relay Blocking System (SORBS), a long-time source of information on known sources of spam, widely used to create blocklists, has been shut down by its owner, cyber security software vendor Proofpoint.  SORBS provided free access to a DNS-based Block List (DNSBL) that lists over 12 million host servers known to disseminate spam, phishing attacks and other email nasties.  The service states its list "typically includes email servers suspected of sending or relaying spam, servers

As the 2024 Paris Summer Olympics approach, a sophisticated Russian disinformation campaign is in high gear to sow confusion, undermine the Games, and dissuade spectators from attending.  This is according to a new report from the Microsoft Threat Analysis Center (MTAC) that outlines extensive malign influence efforts emanating from Russia-aligned actors.  "In just under three months, after traversing more than 3,000 miles across 450 French towns, the Olympic flame will be lit at the Opening Cer

LightSpy is a modular surveillance framework that can be used to steal a variety of data, including files, screenshots, mobile location data, or even messenger data from apps like Telegram.  It was first documented by TrendMicro and Kapersky in 2020 as an iOS implant.  At the time, LightSpy would spread through a watering hole method, which is to say that targets would be directed to pages mimicking local news sites.  An example page can be seen in the image below.  The APT group said to be resp

In April of this year, a cyberattack on a large telecommunications company has been claimed by a ransomware gang that is gaining momentum as a cybercriminal operation.  On 1 June, the RansomHub operation posted Frontier Communications to its leak site claiming to have sensitive information of more than 2 million people.  The group claimed it spent more than two months attempting to extort the company but never got a response.  Frontier did not respond to requests for comment but reported a cyber

It is being reported that Apple has declined to issue a bug bounty to the Russian cybersecurity company Kaspersky Lab.  This after it disclosed four zero-day vulnerabilities in iPhone software that were allegedly used to spy on Kaspersky employees as well as Russian diplomats.

A spokesperson for Kaspersky Lab said that the company’s research team considered their work “eligible for Bug Bounty rewards from Apple. However, when asked about it, we received a decline from the Apple Security team ref

In an increasingly interconnected world, supply chain attacks have emerged as a formidable threat, compromising not just individual organizations but the broader digital ecosystem.  The web of interdependencies among businesses, especially for software and IT vendors, provides fertile ground for cybercriminals to exploit vulnerabilities.  By targeting one weak link in the supply chain, threat actors can gain unauthorized access to sensitive information and can conduct malicious activities with s

Law enforcement agencies in the United States and Europe announced on 30 May Operation Endgame, a coordinated action against some of the most popular cybercrime platforms for delivering ransomware and data-stealing malware.  Titled: “the largest ever operation against botnets,” the international effort is being billed as the opening salvo in an ongoing campaign targeting advanced malware “droppers” or “loaders” like IcedID, Smokeloader and Trickbot.

Link to full report: IR-24-151-001_OPendgame.p

FortiGuard Labs has recently identified a sophisticated cyberattack involving an Excel file embedded with a VBA macro designed to deploy a DLL file.  The attacker uses a multi-stage malware strategy to deliver the notorious "Cobalt Strike" payload and establish communication with a command and control (C2) server.  This attack employs various evasion techniques to ensure successful payload delivery.

Over the past few years, Ukraine has been a significant target due to its geopolitical situation

What would it take for someone to hack a tank?  Modern Western militaries may well be about to find out.  The militaries of the United States, Germany, France, the United Kingdom, Australia, and other powers are contemplating the gradual introduction of electric vehicles into their motorized fleets.  These initiatives are linked to national decarbonization strategies and are also meant to modernize these fleets for the future of warfare.  However, electrification also entails an important and un

Live Nation, the parent company of Ticketmaster, revealed Friday evening that it was the victim of a cyber-attack that compromised user data.  The company said in a filing with the U.S. Securities and Exchange Commission that it discovered an "unauthorized activity within a third-party cloud database," on May 20 and promptly launched an investigation.

A week later, "a criminal threat actor offered Live Nation what it alleged was user data for sale via the dark web, according to the filing.  "As

On 1 May 2024 the CEO of United Health Group was invited to Washington, DC to spend the day getting raked over the coals by US Senator Ron Wyden (D-Oregon) Chairman of the Senate Finance Committee and others at a meeting titled “Hacking America’s Health Care: Assessing the Change Healthcare Cyber Attack and What’s Next.”  Wyden set the tone early when he described the UNH cyber incident this way, “The Change Healthcare hack is considered by many to be the biggest cybersecurity disruption to heal

Amid an onslaught of high-profile cyberattacks showing how companies often neglect basic security measures, the Department of Justice is trying to use a law passed during the Civil War to put businesses on notice that these failures are unacceptable.  Under the umbrella of DOJ’s Civil Cyber-Fraud Initiative, US government attorneys have since early 2022 deployed the pointedly named False Claims Act to punish contractors that mislead the government about their cybersecurity defenses, hoping to se

Microsoft will soon allow businesses and developers to build AI-powered Copilots that can work like virtual employees and perform tasks automatically.  Instead of Copilot sitting idle waiting for queries, it will be able to monitor email inboxes and automate tasks or data entry that employees normally have to do manually.  It is a big change in the behavior of Copilot, which the industry commonly calls AI agents or the ability for chatbots to intelligently perform complex tasks autonomously.  “W

HP Wolf Security has published a report that finds that the tactics and techniques being used by cybercriminals are evolving.  In contrast, different cybercriminals continue to exploit weaknesses that are simple to exploit.  For example, cybercriminals use an advanced WikiLoader campaign to exploit open redirect vulnerabilities within websites to circumvent detection. Users are directed to trustworthy sites, often via fake advertisements, before being redirected to malicious sites.  Elsewhere, c

The Advanced Research Projects Agency for Health (ARPA-H) announced on 20 May 2024 the launch of the Universal PatchinG and Remediation for Autonomous DEfense (UPGRADE) program. This cybersecurity effort will invest more than $50 million to create tools for information technology (IT) teams to defend better the hospital environments they are tasked with securing.

Cyberattacks that hamper hospital operations can impact patient care while critical systems are down and can even lead to facility clo

More than $22 million worth of cryptocurrency was stolen from the Gala Games this week after someone compromised the blockchain platform.  The company confirmed that it dealt with a security incident on 20 May, writing on social media that it was an “isolated incident, the cause of which has been addressed.”

“We are working closely with law enforcement to investigate the individuals behind the breach,” the company said, noting that it will provide updates as the investigation continues.  Gala Ga

The National Security Agency (NSA) recently launched its Cybersecurity Collaboration Center (CCC) to proactively help private companies and federal partners fight off advanced cyber adversaries at no cost. Judging by the enthusiastic response so far, CCC’s services are poised to be in high demand.

Through the CCC, the NSA shares its extensive knowledge, threat intelligence, and advanced cybersecurity capabilities directly with organizations across technology, energy, finance, and more sectors.