Tag Mandiant

Change Healthcare Data Breach Exposes Private Information of More Than Half of Americans

Change Healthcare’s Data Breach Affects Over 190 Million Americans, by Pierluigi Paganini, January 26, 2025. The recent data breach at Change Healthcare has proven to be far more extensive than initially reported, impacting around 190 million individuals across the United States. This shocking revelation underscores the severity of the cyber incident…


Russia Launches Cyber Attacks on Ukraine’s Sensitive Data Servers

In a troubling escalation of conflict, Russia has ramped up its military and cyber operations against Ukraine. The ongoing military campaign features targeted ballistic missile strikes on Kyiv and adjacent areas, resulting in extensive destruction. The conflict has also taken a significant turn in the cyberspace domain. A hacktivist group…


Data Breaches Expose Weaknesses in Healthcare and Cloud Services

A series of serious cybersecurity incidents has emerged across North America, targeting key sectors such as healthcare and technology through high-profile hacks. Recent reports indicate that ransomware groups and skilled hackers are exploiting vulnerabilities within cloud infrastructures, heightening the risks for organizations tasked with safeguarding sensitive information. One notable incident…


Federal Authorities Indict Five Individuals Linked to Scattered Spider Cybercrimes

FBI Indicts Five Alleged Members of Cybercrime Group Linked to Cryptocurrency Thefts. The U.S. government has unveiled charges against five individuals suspected to be affiliated with a loosely organized cybercriminal group known as "Scattered Spider." These charges, unsealed on November 20, 2024, stem from allegations that the group was responsible…


OPSEC Slip Exposes North Korean Nation-State Actors Behind JumpCloud Breach

On July 25, 2023, Cyber Threat Intelligence revealed that North Korean state-sponsored hackers connected to the Reconnaissance General Bureau (RGB) were linked to the JumpCloud breach due to a significant operational security (OPSEC) error that revealed their IP address. Google’s threat intelligence firm Mandiant has identified this group as UNC4899, which overlaps with known clusters like Jade Sleet and TraderTraitor—hackers notorious for targeting the blockchain and cryptocurrency sectors. Furthermore, UNC4899 shares connections with APT43, another hacking group affiliated with North Korea, previously exposed in March for conducting intelligence-gathering campaigns and stealing cryptocurrency from various companies. Their tactics include employing Operational Relay Boxes (ORBs) using L2TP IPsec tunnels along with commercial VPN services to conceal their identity.

North Korean State-Sponsored Hackers Identified in JumpCloud Breach Due to Operational Security Oversight. On July 25, 2023, cybersecurity experts revealed that the recent breach of JumpCloud, a directory-as-a-service provider, has been linked to North Korean state-sponsored hackers associated with the Reconnaissance General Bureau (RGB). The inquiry into the attack found…

FBI Cautions of $40M Cryptocurrency Heist Linked to North Korean Affiliates

The FBI has issued a warning that North Korean cyber actors may seek to liquidate more than $40 million in stolen cryptocurrency. This announcement surfaced on Tuesday amid ongoing investigations into recent blockchain activities linked to a group identified by U.S. authorities as TraderTraitor, also known colloquially as Jade Sleet.…


Urgent: FBI Issues Warning About Vulnerabilities in Barracuda Email Gateways Even After Recent Patches

The Federal Bureau of Investigation (FBI) has issued a warning regarding the ongoing risk posed to Barracuda Networks Email Security Gateway (ESG) appliances, despite recent patches deployed in response to a critical vulnerability. This advisory indicates that while Barracuda has addressed the flaw, the devices remain susceptible to exploitation by…


Man Arrested for Snowflake Hacking Operation Faces Extradition to the US

The recent investigation by Mandiant, a cybersecurity arm of Google, has unveiled significant insights regarding the breach incidents attributed to a hacker identified as UNC5537. Austin Larsen, a threat intelligence analyst at Mandiant, characterizes this hacker as “one of the most consequential threat actors of 2024.” The repercussions of these…
