Utsunomiya Central Clinic in Japan Suffers Ransomware Cyberattack, Potential Patient Data Breach

Date Reported: 2025-02-10
Country: JPN | Japan
Victim: Utsunomiya Central Clinic
Website: ucc.or.jp
Information: The Utsunomiya Central Clinic in Japan was hit by a ransomware cyberattack on February 10, 2025. There is a potential leak of personal information of patients and staff, including names, birth dates, addresses, and phone numbers.…
Toronto Zoo shares update on last year’s ransomware attack
Summary: The Toronto Zoo experienced a ransomware attack in January 2024, resulting in a data breach affecting personal and financial information of employees, volunteers, and donors. The stolen data includes names, addresses, phone numbers, email addresses, and the last four digits of credit card numbers. The attack was claimed by the Akira ransomware group, which has a history of targeting various organizations worldwide.…
Boramae Ransomware
Boramae Ransomware is a newly discovered strain aimed at Windows systems, known for its effective encryption and evasion tactics. The ransomware not only encrypts files but also leaves threat-laden ransom notes demanding payment under duress. These findings emphasize the need for robust cybersecurity measures and incident response strategies.…

Victim: 365labs – Security Corp
Country:
Actor: monti
Source: http://mblogci3rudehaagbryjznltdp33ojwzkq6hn2pckvjq33rycmzczpid.onion/blog/b4d8eca0770c757d11f65384178d5b5593c9c56b412f43ceab1594beb5de1669/
Discovered: 2025-03-04 22:08:15.233763
Published: 2025-03-04 22:07:07.921586
Description: Data Breach: Sensitive information has been compromised. Extent of Leak: Full leak indicates a vast amount of data has been exposed.…
AI’s Role in Turning Massive Data Leaks into Hacker Paydays: A Look at the Orange Breach
Breaches involving companies like Orange, Schneider Electric, and Telefonica often begin with infostealers acquiring sensitive credentials, leading to substantial internal data leaks. Hackers leverage AI to efficiently analyze and extract valuable information from these massive datasets, turning previously chaotic data into actionable intelligence.
Affected: Orange, Schneider Electric, Telefonica

Key points:

Recent breaches often start with infostealers that collect JIRA or Confluence credentials.…
VMware Security Flaws Exploited in the Wild—Broadcom Releases Urgent Patches
Summary: Broadcom has released security updates for three significant vulnerabilities in VMware ESXi, Workstation, and Fusion products that could lead to code execution and information disclosure. These vulnerabilities are actively being exploited, highlighting the urgency for users to apply the latest patches. Key vulnerabilities include a TOCTOU vulnerability with a CVSS score of 9.3, an arbitrary write vulnerability, and an information disclosure flaw.…
Broadcom fixes three VMware zero-days exploited in attacks
Summary: Broadcom has issued a warning regarding three critical zero-day vulnerabilities (CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226) affecting various VMware products. These vulnerabilities allow attackers with privileged access to escape the virtual machine’s sandbox and potentially compromise the hypervisor. Exploitation of these flaws has already been observed in active attacks, raising concerns for enterprise security.…
A Serbian youth activist fell victim to a sophisticated zero-day exploit targeting Android devices, believed to be developed by Cellebrite. The exploit took advantage of a critical vulnerability allowing unauthorized access, raising concerns about user privacy and data security.
Affected: Android devices, privacy rights, cybersecurity sector

Key points:

A Serbian activist had their Android phone compromised using a Cellebrite exploit.…
Google’s March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities
Summary: Google has published its March 2025 Android Security Bulletin, addressing 44 vulnerabilities, including two high-severity flaws actively exploited in the wild. Notably, these vulnerabilities, CVE-2024-43093 and CVE-2024-50302, stem from privilege escalation issues within the Android framework and Linux kernel respectively. Google has advised its partners and users to implement the latest security patches to mitigate the risks associated with these vulnerabilities.…
Black Basta and Cactus Ransomware Groups Add BackConnect Malware to Their Arsenal
In this blog entry, we explore the tactics employed by the Black Basta and Cactus ransomware groups to compromise systems and exfiltrate sensitive information. They leveraged social engineering, remote access tools, and the BackConnect malware to establish persistent control over infected machines. To mitigate damage, businesses must adopt enhanced security protocols.…
Social Engineering: The Art of Psychological Exploitation Part 4
This article explores various social engineering crimes and case studies, emphasizing the significance of understanding these tactics for self-protection and cybersecurity awareness. Notable scams include QR code replacements, call forwarding scams, SIM swap scams, job fraud, phishing-as-a-service, and the notorious 2020 Twitter Bitcoin scam. These incidents highlight human vulnerability in cybersecurity and the need for continuous vigilance.…
The New Ransomware Groups Shaking Up 2025
Summary: In 2024, global ransomware attacks surged to 5,414 incidents, marking an 11% increase from the previous year, with a notable spike in attacks during Q2 and Q4. The emergence of 46 new ransomware groups, especially RansomHub, has significantly transformed the ransomware landscape, with these groups adopting aggressive strategies and collaborations.…
Alleged Data Breach Exposes Thousands of Records on Dark Web
Summary: A massive database leak has occurred, involving sensitive personal and company information of over 54,000 individuals, primarily in France. The dataset reportedly includes names, addresses, phone numbers, and various other records, with the threat actor offering it for sale on a dark web forum. Interested buyers are directed to contact the actor via Telegram for purchase arrangements.…

Victim: FM.GOB.AR
Country: AR
Actor: monti
Source: http://mblogci3rudehaagbryjznltdp33ojwzkq6hn2pckvjq33rycmzczpid.onion/blog/82b3572f2dadeca89f06a17fd17a8f05f10e23aff09bfc7071d7b6d29e6238e5/
Discovered: 2025-03-02 18:56:09.777931
Published: 2025-03-02 18:28:56.000000
Description: Key points regarding a “Full Leak”:
Complete disclosure of sensitive information
Can include personal data, financial records, or confidential documents
Often results from cybersecurity breaches or insider threats
May lead to identity theft or financial fraud
Organizations should implement robust security measures to prevent leaks
Regular audits and monitoring are essential for data protection
Legal consequences may follow for organizations failing to protect data
Education and training of staff are critical for minimizing risks

About Country: Argentina (AR)

Argentina has been increasingly attentive to the threats posed by cybercrime, particularly in the realm of cybersecurity.…
