#threat-actors

from DataBreaches.Net
2 weeks ago

Watsonville Community Hospital had a data breach - or two. It would be helpful to know which. - DataBreaches.Net

On December 8, 2024, DataBreaches reported that Watsonville Community Hospital in California was continuing to respond to what they referred to as a cyberattack on November 29. No gang had claimed responsibility at that point, patients hadn't been notified yet, and the hospital wasn't stating whether the attack involved encryption of any files. Weeks later, and in a substitute notice posted on December 31, 2024, they noted that patients' name, date of birth, Social Security number, passport number, and diagnosis information may have been present in files that had been accessed in a "recent data security event" that was still under investigation. The hospital did not confirm or deny whether this was a ransomware attack.
from The Hacker News
3 weeks ago

OpenAI Disrupts Russian, North Korean, and Chinese Hackers Misusing ChatGPT for Cyberattacks

The AI company said while its large language models (LLMs) refused the threat actor's direct requests to produce malicious content, they worked around the limitation by creating building-block code, which was then assembled to create the workflows. Some of the produced output involved code for obfuscation, clipboard monitoring, and basic utilities to exfiltrate data using a Telegram bot. It's worth pointing out that none of these outputs are inherently malicious on their own.
Information security
from DataBreaches.Net
1 month ago

Hackers claim access to law enforcement portals, but do they really have access? - DataBreaches.Net

Threat actors claimed access to the U.S. CJIS background-check portal and Google's law-enforcement request system; Google disabled a fraudulent account and reported no data accessed.
#ransomware
#cybersecurity
Privacy professionals
from ComputerWeekly.com
3 months ago

Chinese cyber spies among those linked to SharePoint attacks | Computer Weekly

A Chinese state threat actor is exploiting CVE-2025-53770, a significant vulnerability in Microsoft SharePoint.
Multiple actors are actively exploiting this critical vulnerability, requiring immediate mitigation.
Privacy technologies
from The Hacker News
3 months ago

PoisonSeed Hackers Bypass FIDO Keys Using QR Phishing and Cross-Device Sign-In Abuse

Attackers can bypass FIDO key protections by tricking users into approving authentication requests from spoofed login portals.
from The Hacker News
3 months ago

Fire Ant Exploits VMware Flaws to Compromise ESXi Hosts and vCenter Environments

The threat actor leveraged combinations of sophisticated and stealthy techniques creating multilayered attack kill chains to facilitate access to restricted and segmented network assets within presumed to be isolated environments.
Information security
from The Hacker News
3 months ago

Hackers Use Leaked Shellter Tool License to Spread Lumma Stealer and SectopRAT Malware

Hackers are abusing a leaked version of Shellter, a red teaming tool, to distribute stealer malware.
Information security
from The Hacker News
6 months ago

Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit

Fortinet warns that attackers maintain read-only access to vulnerable FortiGate devices by exploiting symlinks, despite patching initial vulnerabilities.