Cyber Attack
-
OneBlood, a major blood-donation organization in the U.S., experienced a ransomware attack in July 2024. The breach exposed sensitive data, including names and Social Security numbers, affecting donors.
-
BayMark Health Services, a leading provider of addiction treatment in North America, faced a data breach where attackers stole personal and health information of patients. The breach, attributed to the RansomHub ransomware gang, affected systems between September 24 and October 14, 2024.
-
In a startling revelation, India has been ranked as the second most targeted country for cyber attacks globally in 2024. This alarming statistic, reported by cyber intelligence firm CloudSEK, underscores the urgent need for enhanced cybersecurity measures across the nation.
-
Ascension, a leading healthcare network, experienced a devastating ransomware breach in May. The attack, linked to the Black Basta group, compromised sensitive data of nearly 5.6 million patients and employees, revealing critical vulnerabilities in the healthcare sector.
-
A ransomware attack on Comtel Data Centre has severely impacted around 16 stockbrokers, including prominent names like IIFL Securities, 5Paisa, and Axis Securities. The breach has led to blocked exchange access and raised concerns over client data and order flow security. Exchanges have mandated strict security certifications before resuming operations.
-
Two women in Mumbai, including a 61-year-old homemaker, lost a combined Rs 4.7 lakh to cyber fraudsters. These cases underline the growing sophistication of online scams, including KYC updates and fraudulent advertisements.
-
Amazon has confirmed an employee data breach following the massive MOVEit cyberattacks, after threat actor "Nam3L3ss" leaked over 2.8 million lines of employee data, including contact details and office locations, stolen through a third-party vendor. This attack is part of a larger breach that has impacted dozens of global companies through a vendor exploit.
-
A large-scale ransomware campaign targeting over 22,000 CyberPanel instances has leveraged a critical remote code execution vulnerability to infiltrate servers and encrypt files. Known as the PSAUX ransomware, this attack exploits authentication flaws, command injection vulnerabilities, and security filter bypasses in CyberPanel version 2.3.6, leading to mass outages and compromised data security.
-
In May 2024, North Korean hacking group ScarCruft (APT37) exploited an Internet Explorer zero-day flaw (CVE-2024-39178) to distribute RokRAT malware through malicious toast pop-up ads. This zero-click malware campaign, dubbed "Code on Toast," compromised an advertising server, targeting systems to exfiltrate sensitive data and perform espionage activities. Despite Internet Explorer’s retirement, its components still pose a significant risk as threat actors continue exploiting these vulnerabilities.
-
Casio, the renowned Japanese tech company, has confirmed that a ransomware attack earlier this month compromised personal and confidential data of employees, job candidates, business partners, and some customers. The Underground ransomware group has claimed responsibility for the attack, leaking sensitive documents. Casio is urging affected individuals to remain cautious as they continue to investigate the breach.