A series of unfortunate events allowed the China-backed adversary, which Microsoft tracks as Storm-0558, to gain ‘lawful’ access to the Exchange Online and Azure Active Directory (now called Microsoft Entra ID) accounts of 25 organizations.

Check Point Software plans to purchase Atmosec, an early-stage SaaS security startup founded by former Armis leaders to anticipate and block threats from malicious applications.

The ransomware attack on Mayanei Hayeshua Medical Center resulted in the shutdown of its administrative computer systems, leading the hospital to redirect new patients and those requiring emergency care to other medical centers.

Financially motivated hackers developed custom malware to exploit a likely zero-day flaw in popular property management software used by resorts and hotels, said security researchers.

IBM has worked with the database provider to address the technical issue, but warned Janssen customers about the potential for their personal information to be misused by malicious actors.

The council said it will not pay a ransom of $1.5 million demanded by the hackers, according to local media reports. The incident has affected a broad range of city services, including police, firefighters, and tax collection.

In a data breach notification letter sent to the affected individuals, a copy of which was submitted to the Maine Attorney General’s Office, See Tickets says the new attack was identified in May 2023 and completely shut down in July.

A Mirai botnet variant called Pandora has been observed infiltrating inexpensive Android-based TV sets and TV boxes and using them as part of a botnet to perform distributed denial-of-service (DDoS) attacks.

Tracked as CVE-2023-20238, the vulnerability affecting the BroadWorks platform was identified in the SSO implementation and could be exploited by remote, unauthenticated attackers to forge credentials and access affected systems.

Travel booking giant Sabre said it was investigating claims of a cyberattack after a tranche of files purportedly stolen from the company appeared on an extortion group’s leak site.