A financial entity in Vietnam was the target of a previously undocumented threat actor called Lotus Bane that was first detected in March 2023. Singapore-headquartered Group-IB described the hacking outfit as an advanced persistent threat group that’s believed to have been active since at least 2022. The exact specifics of the infection chain remain unknown as yet, […]
Monthly Archives: March 2024
iPhone users in the European Union can now download apps from alternative app stores for the first time, thanks to the new iOS 17.4 update but mostly thanks to DMA). Digital Markets Act aims to promote fair competition in the digital market. However, there’s a catch: if you’re planning to go on a ‘longer’ vacation, […]
Apple has released security updates to address several security flaws, including two vulnerabilities that it said have been actively exploited in the wild. The shortcomings are listed below – CVE-2024-23225 – A memory corruption issue in Kernel that an attacker with arbitrary kernel read and write capability can exploit to bypass kernel memory protections CVE-2024-23296 – A […]
The Cybersecurity and Infrastructure Security Agency (CISA) is urging all organizations, especially federal agencies of countries, to patch a critical vulnerability in the Microsoft Streaming Service (MSKSSRV.SYS) that attackers are actively and extensively exploiting. The vulnerability goes by the ID CVE-2023-29360. What it does is it allows local attackers to gain full control (SYSTEM privileges) […]
Third-party cookies have long been used for targeted advertising, but on the other hand, they also raise privacy concerns. And due to it, users often lack transparency about how their data is collected and shared. To address this, web browsers are moving away from third-party cookies altogether. The announcement of the new Privacy-Preserving Ads API […]
Kaseya, a provider of unified IT management and security software for managed service providers (MSPs) and small to midsize business (SMBs), today released its 2024 MSP Benchmark Report, which surveyed close to 1,000 MSPs from the Americas, EMEA (Europe, Middle East and Africa) and APAC (Asia Pacific) regions and includes responses from both IT professionals […]
A Little Sunshine, ALPHV ransomware, BlackCat ransomware, Change Healthcare, Data Breaches, Dmitry Smilyanets, Emsisoft, Fabian Wosar, fbi, Krebs, LockBit, NCA, News, Optum, RAMP, ransomware, Recorded Future, Security, wired.com
BlackCat Ransomware Group Implodes After Apparent $22M Payment by Change Healthcare
05
Mar
Mar
There are indications that U.S. healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group (a.k.a. “ALPHV“) as the company struggles to bring services back online amid a cyberattack that has disrupted prescription drug services nationwide for weeks. However, the cybercriminal who claims to have given BlackCat access […]
The National Security Agency is sharing new guidance to help organizations limit an adversary’s movement on the internal network by adopting zero-trust framework principles. […]
Apple released emergency security updates to fix two iOS zero-day vulnerabilities that were exploited in attacks on iPhones. […]
Canada’s national anti-money laundering agency has been hit by a cyber attack. The Financial Transactions and Reports Analysis Centre of Canada (FINTRAC) said Tuesday that over the last 24 hours it has been managing a cyber incident. “The incident does not involve the centre’s intelligence or classified systems,” it said in a statement. “As a […]