Summary: Researcher Mehdi Elyassa from Synacktiv disclosed a critical SQL injection vulnerability in Microsoft Configuration Manager (CVE-2024-43468) with a CVSS score of 9.8, allowing unauthenticated attacks that can execute arbitrary commands. The flaw exists in the MP_Location service, enabling attackers to gain sysadmin-level privileges and potentially achieve full control over the deployment environment.…
Category: Cyber Attack

Date Reported: 2025-01-21
Country: CAN | Canada
Victim: Runway Hair Design | Runway Hair Design
Website: runwayhairdesign.ca
Additional Information: A hair salon in Strathmore, Alberta, was closed for several days due to a ransomware cyberattack that encrypted the company’s files.
The salon managed to reopen after repairing its computers.…
Date Reported: 2025-01-21
Country: JPN | Japan
Victim: Sanrio Entertainment | Sanrio Entertainment
Website: sanrio.co.jp
Additional Information: Sanrio Entertainment, known for its popular theme parks in Japan, including Harmonyland, was targeted in a cyberattack on January 21, 2025.
The attack caused operational disruptions and restricted access for visitors to the parks.…
Summary: UnitedHealth Group has announced that approximately 190 million individuals were affected by the Change Healthcare data breach following a ransomware attack in February 2024, making it the largest healthcare data breach of the year. Initially estimated at 100 million, the revised figure underscores the extent of the breach.…
Summary: A new threat actor called GamaCopy has been observed emulating tactics from the Kremlin-aligned Gamaredon group, primarily targeting Russian-speaking entities. The group is noted for using military-related content to deploy UltraVNC for remote access, closely resembling techniques used by another hacking faction, Core Werewolf. This pattern of behavior highlights an evolving landscape of cyber threats amidst ongoing geopolitical tensions stemming from the Russo-Ukrainian war.…
Summary: Ransomware actors are increasingly targeting VMware ESXi bare metal hypervisors, exploiting SSH tunneling to maintain persistence and evade detection. These attacks can cripple organizations by encrypting files and rendering virtual machines inaccessible. Monitoring challenges related to ESXi logs further complicate detection and response efforts for system administrators.…
Summary: UnitedHealth has disclosed that a ransomware attack on its subsidiary, Change Healthcare, resulted in the theft of personal and healthcare data from 190 million Americans, nearly doubling earlier estimates. The attack, attributed to the BlackCat ransomware gang, has been labeled the largest healthcare data breach in U.S.…
Summary: New York State has reached a $2 million settlement with PayPal due to its failure to comply with cybersecurity regulations, which resulted in a significant data breach in 2022. The breach was attributed to security gaps that allowed credential stuffing attacks, compromising sensitive customer information.…
Summary: TalkTalk is investigating a data breach involving a third-party supplier after a threat actor began selling alleged customer data on a hacking forum. The company has stated that the number of affected customers is significantly overstated and that no financial information was compromised. Ongoing investigations suggest the data may have been stolen from the Ascendon SaaS platform rather than directly from TalkTalk.…
Date Reported: 2025-01-19
Country: ARG | Argentina
Victim: Hôpital El Cruce-Néstor Kirchner | El Cruce-Néstor Kirchner Hospital
Website: hospitalelcruce.org
Additional Information: The prestigious El Cruce-Néstor Kirchner Hospital was targeted by a cyberattack six days ago.
The attack was attributed to a hacker known as MEDUSA.…
Date Reported: 2025-01-24
Country: USA
Victim: Matagorda County | Matagorda County
Website: co.matagorda.tx.us
Additional Information: Matagorda County, Texas, has declared a state of disaster due to a cyberattack.
The cyberattack disrupted internal systems, but no evidence of compromised personal data has been found.
Local authorities are investigating the incident with assistance from multiple agencies, including the FBI.…
Summary: The ransomware attack on Change Healthcare has now impacted nearly 200 million individuals, significantly more than previously reported. UnitedHealth, the parent company, has confirmed that sensitive personal and health information was accessed, including Social Security numbers and medical records. The company is still assessing the full extent of the breach and has begun notifying affected individuals.…
Summary: The U.S. Department of Justice has indicted five individuals, including North Korean nationals, for a scheme to secure remote IT jobs at American companies using stolen identities and forged documents. This operation aimed to generate illicit revenue for the North Korean regime, involving a “laptop farm” to deceive U.S.…
Summary: The commentary discusses the importance of adapting security strategies for third-party APIs, highlighting the unique risks and considerations that differ from first-party APIs. It emphasizes the need for security leaders to focus on three specific use cases: managing outbound data flows, protecting against inbound traffic, and overseeing data management for third-party applications.…
Date Reported: 2025-01-24
Country: POL | Poland
Victim: Big Cheese Studio | Big Cheese Studio
Website: bigcheesestudio.com
Additional Information: The Polish game developer Big Cheese Studio suffered a cyber attack on Friday morning.
The attack led to the website going offline and compromised game code and personal data of employees.…
Summary: PayPal has agreed to pay a $2 million penalty following a cybersecurity incident in December 2022 that exposed thousands of Social Security numbers. The breach was attributed to a credential stuffing attack, which exploited vulnerabilities in the company’s platform due to recent changes. New York regulators emphasized the importance of qualified cybersecurity personnel and proper training to prevent such incidents in the future.…
Summary: A threat actor has targeted low-skilled hackers, or “script kiddies,” with a fake malware builder that secretly installs a backdoor to steal data and gain control of their computers. Security researchers from CloudSEK reported that this malware has infected over 18,000 devices globally, primarily in countries like Russia, the U.S.,…
Summary: GitLab has released critical security updates for versions 17.8.1, 17.7.3, and 17.6.4 to address multiple vulnerabilities, including a high severity cross-site scripting (XSS) flaw. The most severe vulnerability, CVE-2025-0314, allows attackers to inject malicious scripts, potentially leading to session hijacking and data theft. GitLab urges all users to update their installations immediately to mitigate these risks.…
Summary: The commentary discusses the challenges faced by the federal government in modernizing cybersecurity efforts amidst increasing data breaches and ransomware attacks. It highlights the significance of the Biden administration’s executive order aimed at strengthening cybersecurity through the integration of AI and automation. The piece emphasizes the urgent need for improved cybersecurity practices and the potential of AI to enhance resilience in federal infrastructure and the software supply chain.…
Summary: A vulnerability in Subaru’s Starlink connected vehicle service allowed unauthorized access to customer accounts in the US, Canada, and Japan. Security researchers discovered that the admin panel could be accessed without proper authentication, enabling potential vehicle takeovers and access to sensitive customer information. Subaru addressed the security flaw within 24 hours of being notified by the researchers.…