UnitedHealth Group paid ransom to hackers, person familiar with the cyber investigation says
Microsoft warns that the Russian APT28 threat group exploits a Windows Print Spooler vulnerability to escalate privileges and steal credentials and data using a previously unknown hacking tool called GooseEgg.
#APT28 #Computer #Credential #Escalation #Exploit #GooseEgg #InfoSec #NSA #Print #Privilege #Security #Spooler #Theft #Windows
A financially motivated criminal hacking group says it has stolen a confidential database containing millions of records that companies use for screening potential customers for links to sanctions and financial crime.
The hackers, which call themselves GhostR, said they stole 5.3 million records from the World-Check screening database in March and are threatening to publish the data online.
WhatsApp, Signal and Telegram among apps cut from iPhone app store to comply with censorship demand
Cheap ransomware is being sold for one-time use on dark web forums, allowing inexperienced freelancers to get into cybercrime without any interaction with affiliates.
Researchers at the intelligence unit at the cybersecurity firm Sophos found 19 ransomware varieties being offered for sale or advertised as under development on four forums from June 2023 to February 2024.
he ransomware attack on a company owned by healthcare giant UnitedHealth Group (UHG) has so far caused $872 million in losses, according to the corporation’s latest earnings report.
UnitedHealth owns Change Healthcare, a key cog in the U.S. healthcare industry that was crippled by a ransomware attack in February. Change Healthcare and UHG subsidiary Optum took hundreds of systems offline as a result of the incident and faced criticism from the White House and Congress over its handling of the ransomware attack.
Cisco said one of the providers it uses to send multifactor authentication (MFA) messages was breached by a threat actor on April 1.
In emails to customers, Cisco said the incident specifically affected Duo — a multifactor authentication company it acquired in 2018. The attacker breached the system of a telephony supplier that Duo uses to send MFA messages through texts and phone calls to its customers.
On Thursday, April 18, 2024, the UK’s Metropolitan Police Service, along with fellow UK and international law enforcement, as well as several trusted private industry partners, conducted an operation that succeeded in taking down the Phishing-as-a-Service (PhaaS) provider LabHost. This move was also timed to coincide with a number of key arrests related to this operation. In this entry, we will briefly explain what LabHost was, how it affected its victims, and the impact of this law enforcement operation — including the assistance provided by Trend Micro.