The Department of Defense announced on Friday that it submitted its classified 2023 cyber strategy to Congress “earlier this week” and plans to release an unclassified summary of its new cybersecurity approach “in the coming months.”
An upstate New York medical specialty practice told regulators that hackers compromised the personal and protected health information of nearly 224,500 employees and patients in an incident discovered in March.
Latitude was able to process transactions during the incident, but “account originations and collections were closed or severely restricted.” The company has since fully recovered, it says.
An unidentified threat actor group has been observed employing a malicious Windows kernel driver in targeted attacks, primarily focusing on the Middle East region. Fortinet security experts have dubbed the artifact WINTAPIX (WinTapix.sys). To stay protected, users are advised to immediately implement the driver blocklist feature in Windows to block malicious drivers.
The multi-stage attack chain identified by Dig, in a nutshell, leveraged a gap in the cloud platform’s security layer associated with SQL Server to escalate a user’s privileges to those of an administrator role.
Memorial Day weekend marks the start of the summer travel season. U.S. authorities and network defenders in the private sector are quietly paying attention to potential threats that may emerge during key holiday weekends over the next three months.
Technicians were working to “mitigate the consequences” of the attack, the ministry wrote in a statement, adding that initial checks showed no evidence of data theft. It was too early to predict when activities would be back to normal, it said.
The attacks began in mid-May 2023 when the attackers started targeting Internet-exposed private Emby servers and infiltrating those configured to allow admin logins without a password on the local network.
Since the first known appearance of AceCryptor back in 2016, many malware authors have used the services of this cryptor, even the best-known crimeware like Emotet, back when it didn’t use its own cryptor.
Dark Frost represents the latest iteration of a botnet that appears to have been stitched together by stealing source code from various botnet malware strains such as Mirai, Gafgyt, and QBot.