News – November 2023


  • 9 million patients had data stolen after US medical transcription firm hacked

    November 15, 2023

    Close to nine million patients had highly sensitive personal and health information stolen during a cyberattack on a U.S. medical transcription service earlier this year, representing one of the worst medical-related data breaches in recent times. The medical transcription company, Perry Johnson & Associates, or PJ&A, is a Henderson, Nevada-based company that provides transcription services to ...

  • Update now! Microsoft patches 3 actively exploited zero-days

    November 15, 2023

    Another important update round for this month’s Patch Tuesday. Microsoft has patched a total of 63 vulnerabilities in its operating systems. Five of these vulnerabilities qualify as zero-days, with three listed as being actively exploited. Microsoft considers a vulnerability to be a zero-day if it is publicly disclosed or actively exploited with no official fix available. ...

  • Executing from Memory Using ActiveMQ CVE-2023-46604

    November 15, 2023

    Huntress Labs, Rapid7, and ArticWolf all recently published reports of threat actors exploiting ActiveMQ CVE-2023-46604 to drop ransomware onto the victim host. The attackers used CVE-2023-46604 to invoke cmd.exe followed by curl.exe or msiexec.exe in order to download and execute their ransomware. The attackers were very obvious and caught the aforementioned companies’ attention, all of which ...

  • #StopRansomware: Rhysida Ransomware

    November 15, 2023

    The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the MultiState Information Sharing and Analysis Center (MS-ISAC) are releasing this joint CSA to disseminate known Rhysida ransomware IOCs and TTPs identified through investigations as recently as September 2023. Rhysida – an emerging ransomware variant – has predominately been deployed against the education, ...

  • Over two million users hit by top US pharmacy provider data breach

    November 15, 2023

    Truepill, formerly known as Postmeds, suffered a data breach that resulted in sensitive data on more than 2.3 million patients being stolen. The US Department of Health and Human Services Office for Civil Rights breach portal listed Truepill (or rather Postmeds) as being under investigation for a data breach that affected a total of 2,364,359 people. Read ...

  • Credit card skimming on the rise for the holiday shopping season

    November 14, 2023

    As we head into shopping season, customers aren’t the only ones getting excited. More online shopping means more opportunities for cybercriminals to grab their share using scams and data theft. One particular threat Malwarebytes Labs researchers are following closely and expect to increase over the next several weeks is credit card skimming. Online stores are not ...

  • TA402 Uses Complex IronWind Infection Chains to Target Middle East-Based Government Entities

    November 14, 2023

    In mid-2023, Proofpoint researchers first identified TA402 (Molerats, Gaza Cybergang, Frankenstein, WIRTE) activity using a labyrinthine infection chain to target Middle Eastern governments with a new initial access downloader Proofpoint has dubbed IronWind. From July through October 2023, TA402 utilized three variations of this infection chain—Dropbox links, XLL file attachments, and RAR file attachments—with each variant ...

  • Advanced threat predictions for 2024

    November 14, 2023

    Advanced persistent threats (APTs) are the most dangerous threats, as they employ complex tools and techniques, and often are highly targeted and hard to detect. Amid the global crisis and escalating geopolitical confrontations, these sophisticated cyberattacks are even more dangerous, as there is often more at stake.  In this article, Kaspersky’s Global Research and Analysis Team ...

  • DHS Cybersecurity and Infrastructure Security Agency Releases Roadmap for Artificial Intelligence 

    November 14, 2023

    WASHINGTON – Today the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) released its first Roadmap for Artificial Intelligence (AI), adding to the significant DHS and broader whole-of-government effort to ensure the secure development and implementation of artificial intelligence capabilities. DHS plays a critical role in ensuring AI safety and security nationwide. Last ...

  • Gang says ICBC paid ransom over hack that disrupted US Treasury market

    November 14, 2023

    China’s biggest lender, the Industrial and Commercial Bank of China, paid a ransom after it was hacked last week, a Lockbit ransomware gang representative said on Monday in a statement which Reuters was unable to independently verify. ICBC, whose U.S. arm was hit by a ransomware attack that disrupted trades in the U.S. Treasury market on ...