Avery Discovers Credit Card Theft Malware During Ransomware Attack Investigation
Avery Products uncovers a widespread credit card skimming operation affecting 67,000 customers while investigating a December ransomware incident. The malware, active for six months, captured sensitive payment details including CVV numbers, leading to reports of fraud.
Historic Healthcare Breach: UnitedHealth Cyberattack Exposes 190 Million Americans' Medical Records
UnitedHealth Group reveals that a devastating ransomware attack on Change Healthcare compromised sensitive medical and personal data of approximately 190 million Americans. The breach, attributed to the Russian-linked ALPHV group, marks the largest medical data breach in U.S. history.
Microsoft Teams Exploited in Sophisticated Ransomware Phishing Scams
Cybersecurity firm Sophos reveals how ransomware groups are masquerading as IT support staff in Microsoft Teams to infiltrate organizations and deploy malware. The attackers exploit Teams' default settings to initiate contact and convince employees to grant remote access control.
UK Plans Ransomware Payment Ban for Public Services in Bold Cybersecurity Move
The UK government is considering legislation to prohibit public sector organizations from paying ransomware demands, aiming to discourage cybercriminals targeting critical services. The initiative would expand the National Crime Agency's oversight while establishing mandatory incident reporting, though experts warn of implementation challenges.
UK Takes Bold Step to Outlaw Ransomware Payments Across Public Sector
The UK Home Office proposes groundbreaking legislation to ban ransomware payments for public sector and critical infrastructure organizations, aiming to combat rising cybercrime. The comprehensive plan includes mandatory incident reporting and payment prevention measures following several devastating attacks on essential services.
AWS Cloud Storage at Risk: New Ransomware Weaponizes S3 Encryption Features
A sophisticated ransomware group called Codefinger is exploiting AWS's native encryption features to lock down S3 buckets, marking a concerning evolution in cloud-based attacks. The group leverages stolen credentials and legitimate AWS functionality to encrypt data, making recovery impossible without the attacker's key.
UK Moves to Ban Public Sector Ransomware Payments in Landmark Cybersecurity Push
The UK government proposes groundbreaking legislation to prohibit ransomware payments by public sector organizations and critical infrastructure companies. The initiative, which includes mandatory reporting requirements, aims to disrupt cybercriminal operations that collected an estimated $1 billion globally in 2023.
ESXi Ransomware Attacks Surge with $5M Average Demands, Threatening Virtual Infrastructure
Cybercriminals are increasingly targeting VMware ESXi servers with sophisticated ransomware attacks, demanding ransoms averaging $5 million. The attacks leverage modified Babuk malware to compromise vCenter systems and encrypt critical virtualization files, highlighting urgent needs for enhanced security measures.
Cannabis Retailer STIIIZY Hit by Major Customer Data Breach, Exposing ID Documents
Premium cannabis retailer STIIIZY disclosed a significant data breach exposing customer identification documents and transaction records at multiple California locations. The Everest cybercrime group claimed responsibility for compromising hundreds of thousands of records through a vendor's point-of-sale system.
Healthcare Provider's Critical Services Disrupted by Holiday Cyberattack
Community Health Northwest Florida's 17 clinics face widespread system shutdowns following a Christmas period cyberattack, impacting essential healthcare services for thousands. While patient records appear secure, multiple services including dental and pharmacy operations remain suspended as technical teams work to restore functionality.