Commerce Secretary Gina Raimondo’s emails hacked in Microsoft cyber breach

Commerce Secretary Gina Raimondo’s emails were hacked as part of the Microsoft cyber breach, according to a source familiar with the investigation. Microsoft’s Outlook systems were breached by Chinese hackers, according to the company. The breach was discovered in May. Read More …

Utility cyber threats on the rise, but experts say don’t forget basics

“There’s an increase in threat actors targeting critical infrastructure,” said Katell Thielemann, a Gartner research analyst focused on risk and security for cyber-physical systems. “And there’s an enhanced sensitivity that threat actors are probing infrastructure.” Since 2021, the U.S. Department Read More …

Hunting for A New Stealthy Universal Rootkit Loader

In one of their recent threat hunting investigations, Trend Micro researchers came across an interesting new threat activity cluster that we initially thought was a false positive detection for a Microsoft signed file. However, this turned out to be a Read More …

12,000 State Bank of India employees’ sensitive data leaked on Telegram channels

In a massive data breach incident, the data of more than 12,000 State Bank of India (SBI) employees was leaked on Telegram channels. The leaked data included the employees’ personal information, such as their SBI passbooks, names, addresses, contact numbers, Read More …

Storm-0978 attacks reveal financial and espionage motives

Microsoft has identified a phishing campaign conducted by the threat actor tracked as Storm-0978 targeting defense and government entities in Europe and North America. The campaign involved the abuse of CVE-2023-36884, which included a remote code execution vulnerability exploited before Read More …

Florida patients among 11 million affected by HCA Healthcare data breach

Data on roughly 11 million HCA Healthcare patients in 20 states including Florida, was stolen and recently posted on an online forum, the hospital chain reported on Sunday. According to the company, an unauthorized party gained access to 27 million Read More …

Ventia takes systems offline to contain cyber attack

Ventia has taken an undisclosed number of “key systems” offline to contain a cyber security incident. The listed company, which provides long-term operation, maintenance, and management for critical public and private assets and infrastructure, disclosed the incident on Saturday. Read Read More …

The TOITOIN Trojan: Analyzing a New Multi-Stage Attack Targeting LATAM Region

This sophisticated campaign targeting LATAM region employs a trojan that follows a multi-staged infection chain, utilizing specially crafted modules throughout each stage. These modules are custom designed to carry out malicious activities, such as injecting harmful code into remote processes, Read More …

The five-day job: A BlackByte ransomware intrusion case study

As ransomware attacks continue to grow in number and sophistication, threat actors can quickly impact business operations if organizations are not well prepared. In a recent investigation by Microsoft Incident Response (previously known as Microsoft Detection and Response Team – Read More …