The BlackCat/ALPHV ransomware gang claimed responsibility for a cyberattack on Optum, affecting the Change Healthcare platform and potentially compromising sensitive data of millions of individuals and organizations.
The adversary used a PDF file posing as an invitation from the Ambassador of India to a wine-tasting event, which contained a malicious link leading to the WINELOADER malware.
LockBit has set up new data leak and negotiation sites, and is actively recruiting experienced pentesters to join their operation, indicating a potential increase in future attacks.
The model’s payload grants the attacker a shell on the compromised machine, enabling them to gain full control over victims’ machines through what is commonly referred to as a “backdoor”.
GTPDOOR is a new Linux malware designed for telecom networks that leverages the GPRS Tunnelling Protocol (GTP) for command-and-control communications, posing a threat to subscriber information and call metadata.
Senator Edward Markey has called for an investigation into the data privacy practices of the automotive industry, urging Federal Trade Commission (FTC) Chair Lina Khan to take action.
The attack involves the automated forking of legitimate repositories, resulting in millions of malicious forks with names identical to the original ones, making detection and removal challenging for GitHub.
The Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response (CESER) has allocated $45 million for 16 projects aimed at developing new technologies to prevent cyberattacks and reduce energy disruptions.
The hackers have urged Anycubic to open-source their 3D printers due to software deficiencies and have warned affected customers to disconnect their printers from the Internet until the security issue is patched.
Cloud-focused malware campaigns are increasingly targeting services like Docker, Redis, Kubernetes, and Jupyter, requiring security teams to reassess their approaches to identifying and responding to emerging cloud threats.