Data Privacy, Data Security, Healthcare Lawsuit Alleges BJC Health Disclosed Patient Data from MyChart Portal Without Consent Marianne Kolbasuk McGee (HealthInfoSec) • July 28, 2025 Image: BJC Health BJC Health, a Missouri-based healthcare system, has agreed to pay up to $9.25…
MINNEAPOLIS, July 28, 2025 (GLOBE NEWSWIRE) — Edelson Lechtzin LLP, a law firm based near Philadelphia, is actively investigating data privacy issues following a recent incident involving Allianz Life Insurance Company of North America (“Allianz Life”). The firm became aware…
Iran-Backed Pay2Key Ransomware Makes a Comeback with Increased 80% Profit Incentive for Cybercriminals
Jul 11, 2025
Cyber Warfare / Cybercrime
The Iranian-backed ransomware-as-a-service (RaaS), Pay2Key, has reemerged amid the escalating Israel-Iran-U.S. conflict, now offering larger financial rewards to cybercriminals targeting Israel and the U.S. Operating under the new name Pay2Key.I2P, this scheme is believed to be associated with the hacking group known as Fox Kitten (also referred to as Lemon Sandstorm). According to Morphisec security researcher Ilia Kulmin, “Pay2Key.I2P appears to be affiliated with the notorious Fox Kitten APT group and shares capabilities with the well-known Mimic ransomware.” The group has officially raised its profit share for affiliates supporting Iran or conducting attacks against its adversaries to 80%, up from 70%, highlighting their ideological motivations. Last year, the U.S. government identified the advanced persistent threat’s (APT) strategy of executing ransomware attacks through covert partnerships.
Iranian-Supported Pay2Key Ransomware Emerges Again, Promising Increased Profits for Cybercriminals July 11, 2025 Cyber Warfare / Cybercrime The ransomware-as-a-service (RaaS) model known as Pay2Key, linked to Iranian interests, has resurfaced amid escalating tensions in the ongoing conflict between Israel, Iran,…
The ransomware collective known as GLOBAL GROUP has claimed responsibility for a significant security breach at Albavisión, a prominent Spanish-language media conglomerate headquartered in Miami, Florida. According to the group, they have successfully extracted 400 GB of sensitive data from…
Artificial Intelligence & Machine Learning, Network Detection & Response, Next-Generation Technologies & Secure Development Enhancements in SaaS Target Network Detection and Response for Smaller Security Teams Michael Novinson (@MichaelNovinson) • July 28, 2025 Brian Dye, CEO of Corelight (Image: Corelight)…
Late last week, FlexMLS and Matrix, two of the nation’s largest multiple listing services (MLS), fell victim to data breaches that have raised significant concerns among their members. The breaches reportedly compromised member login credentials, leading to a wave of…
July 11, 2025
Cyber Attack / Vulnerability Alert
A recently uncovered critical security vulnerability affecting Wing FTP Server is currently being exploited, as reported by Huntress. Known as CVE-2025-47812 (CVSS score: 10.0), this flaw involves improper handling of null (‘\0’) bytes within the server’s web interface, leading to potential remote code execution. The issue has been resolved in version 7.4.4. According to CVE.org’s advisory, “The user and admin web interfaces mishandle ‘\0’ bytes, allowing for the injection of arbitrary Lua code into user session files.” This can enable the execution of arbitrary system commands with the privileges of the FTP service, which defaults to root or SYSTEM. Alarmingly, the vulnerability can also be exploited through anonymous FTP accounts. A detailed analysis of this security issue became public in late June 2025, thanks to RCE Security researcher Julien Ahrens.
Critical Security Flaw in Wing FTP Server Under Active Attack On July 11, 2025, cybersecurity firm Huntress reported that a serious vulnerability in the Wing FTP Server, classified as CVE-2025-47812, is currently being exploited in the wild. This flaw bears…
Aeroflot Faces Major Disruption Following Suspected Cyberattack On Monday, Aeroflot, Russia’s largest airline, experienced significant operational disruptions, cancelling approximately 40 flights due to what the airline referred to as a “technical failure.” However, multiple reports, aided by statements from Russian…
Critical Infrastructure Security, Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Aeroflot Targeted by Belarusian Hackers Using Wiper Malware Mathew J. Schwartz (euroinfosec) • July 28, 2025 Image: Media_works/Shutterstock Aeroflot, Russia’s state-owned airline, has canceled numerous flights following a cyberattack…
Allianz Life has recently disclosed that a significant data breach has compromised the personal information of 1.4 million customers. The security incident was detected on July 16, 2025, prompting immediate communication to the Maine Attorney General the subsequent day. The…
