February 2025 Cyberattack Affected More Than 230K Bell Ambulance Patients – The HIPAA Journal
Bell Ambulance has confirmed that the protected health information of more than 230,000 patients was compromised in a February 2025 […]
Malware is evolving to evade sandboxes by pretending to be a real human behind the keyboard. The Picus Red Report 2026 shows 80% of top attacker techniques now focus on evasion and persistence, including geometry-based cursor tests and CPU timing checks. [...]
A campaign by Russian-speaking cyberattackers hijacks workflows to deliver security-busting malware, allowing attackers to steal data without detection.
Cybersecurity researchers have disclosed nine cross-tenant vulnerabilities in Google Looker Studio that could have permitted attackers to run arbitrary SQL queries on victims' databases and exfiltrate sensitive data within organizations' Google Cloud environments. The shortcoming…
Russia-linked cybercriminals are breaking into the accounts of government officials, not through complex attacks or by breaking encryption, but through simple social engineering. The Dutch intelligence and military security services (AIVD and MIVD) have issued statements warning about…
Researchers at AllSecure have revealed how North Korean hackers from the Lazarus Group used a fake LinkedIn job interview and deepfake technology to target their CEO.
A recently identified malicious campaign is using the VIP keylogger to steal sensitive user information by means of files that hide malicious code using steganography. The technique makes it possible to conceal malware components inside seemingly…
CISA flagged a high-severity Ivanti Endpoint Manager (EPM) vulnerability as actively exploited in attacks and ordered U.S. federal agencies to patch systems within three weeks. [...]
A malicious campaign is using a fake Google Meet update to distribute malware capable of compromising computers. The attack is carried out through fraudulent pages that display messages indicating that the user needs to install an update to continue using…
The Russian state-sponsored hacking group tracked as APT28 has been observed using a pair of implants dubbed BEARDSHELL and COVENANT to facilitate long‑term surveillance of Ukrainian military personnel. The two malware families have been put to use since April 2024, ESET said in …
The Russian state-sponsored APT28 threat group is using a custom variant of the open-source Covenant post-exploitation framework for long-term espionage operations. [...]
Salesforce has warned of an increase in threat actor activity that's aimed at exploiting misconfigurations in publicly accessible Experience Cloud sites by making use of a customized version of an open-source tool called AuraInspector. The activity, per the company, involves the …
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability list is as follows - CVE-2021-22054 (CVSS score: 7.5) - A serve…
Dutch intelligence warns Russian hackers are hijacking Signal and WhatsApp accounts using fake support bots and verification code scams targeting officials and journalists.
Hackers contacted employees at financial and healthcare organizations over Microsoft Teams to trick them into granting remote access through Quick Assist and deploy a new piece of malware called A0Backdoor. [...]
Hackers are increasingly exploiting newly disclosed vulnerabilities in third-party software to gain initial access to cloud environments, with the window for attacks shrinking from weeks to just days. [...]
Microsoft has issued a warning about a new variant of the ClickFix attack that is evading detection by instructing victims to use Windows Terminal instead of the traditional "Run" dialog. First observed in February, the campaign poses as CAPTCHA pages or …
The ShinyHunters extortion group has claimed responsibility for a data-theft campaign targeting instances of Salesforce's Experience Cloud platform. The gang claims to have compromised between 300 and 400 companies, many of them in the cybersecurity sector, by exploiting conf…
Russian state-sponsored hackers have been linked to an ongoing Signal and WhatsApp phishing campaign targeting government officials, military personnel, and journalists to gain access to sensitive messages. [...]