The following are two reports on one criminal case. The first is from the U.S. Attorney’s Office: A Kansas City, Mo., man has pleaded guilty for hacking into the computer system at an area nonprofit. Nicholas Michael Kloster, 32, admitted during his plea that he caused reckless damage to a protected computer owned by an […]
Defending Against UNC3944: Cybercrime Hardening Guidance from the Frontlines UNC3944, which overlaps with public reporting on Scattered Spider, is a financially-motivated threat actor characterized by its persistent use of social engineering and brazen communications with victims. In early operations, UNC3944 largely targeted telecommunications-related organizations to support SIM swap operations. However, after shifting to ransomware and […]
The BBC reports: The death of one person has been linked to a ransomware attack on NHS blood services at London hospitals and GP surgeries last June. King’s College Hospital NHS Foundation Trust confirmed that one patient had “died unexpectedly” during the cyber attack on 3 June 2024, which disrupted more than 10,000 appointments. A […]
USA Today reports: A week after WestJet Airlines was hacked, Hawaiian Airlines reported being hit with a “cybersecurity event” Thursday that has affected some of its IT systems. A notice has been posted on the websites of both Hawaiian Airlines and Alaska Airlines, which acquired the Hawaii-based carrier last year. “Our highest priority is the safety and security of our […]
When French law enforcement announced the arrest of four individuals alleged to be part of ShinyHunters, they also noted that a fifth individual, a British national known as “IntelBroker,” was arrested in France in February and detained. Hours later, the U.S. Attorney’s Office for the Southern District of New York announced that Intelbroker, whose real […]
Multiple French news outlets are reporting that four men in their 20’s, alleged to be members of the ShinyHunters hacking group, have been arrested. Their real names have not been released publicly, but their online monikers were “ShinyHunters,” “Noct,” “Depressed,” and “Hollow.” French law enforcement has not issued any official statement confirming any arrests or […]
NetSec reports: The Qilin ransomware group has been noticed exploiting two critical vulnerabilities present in FortiOS/FortiProxy equipment. Although the group seems to be focusing on countries with Spanish language, it is likely that attacks exploiting these vulnerabilities will spread to other countries. The Qilin ransomware-as-a-service (RaaS) operation appeared in August 2022, known first as Agenda. Although it is not […]
The Record reports: Ransomware hackers stole the Social Security numbers and health insurance information for more than 740,000 people during an attack on a prominent Michigan hospital network. McLaren Health Care filed documents on Friday concerning a ransomware attack that took place in August 2024 — the second cyber incident to impact the healthcare giant in 12 months. The […]
Reuters reports: A U.S. judge granted preliminary approval on Friday to a $177-million settlement that resolves lawsuits against AT&T T.N over breaches in 2024 that exposed personal information belonging to tens of millions of the telecom company’s customers. U.S. District Judge Ada Brown in Dallas said in a ruling that the class-action settlement was fair and reasonable. […]
Retaining decades worth of unencrypted personal information connected to the internet is a data breach disaster waiting to happen, as this report from DefendOps Diaries illustrates: The recent cyberattack on Oxford City Council has underscored the vulnerabilities inherent in managing vast amounts of historical data. Over the weekend of June 7 and 8, 2025, unauthorized access to […]
