Massive healthcare breaches prompt US cybersecurity rules overhaul 

The U.S. Department of Health and Human Services (HHS) has proposed updates to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) to secure patients’ health data following a surge in massive healthcare data leaks. 

Source: https://www.bleepingcomputer.com/news/security/massive-healthcare-breaches-prompt-us-cybersecurity-rules-overhaul/
 

US Treasury Department breached through remote support platform 

Chinese state-sponsored threat actors hacked the U.S. Treasury Department after breaching a remote support platform used by the federal agency. 

In a letter sent to lawmakers and seen by the New York Times, the Treasury Department warned lawmakers it was first notified of the breach on December 8th by its vendor BeyondTrust. 

Source: https://www.bleepingcomputer.com/news/security/us-treasury-department-breached-through-remote-support-platform/

White House links ninth telecom breach to Chinese hackers 

A White House official has added a ninth U.S. telecommunications company to the list of telecoms breached in a Chinese hacking campaign that impacted dozens of countries. 

Source: https://www.bleepingcomputer.com/news/security/white-house-links-ninth-telecom-breach-to-chinese-hackers/
 

Thomas Cook Hit by Cyber Attack, IT Systems Impacted 

Thomas Cook (India) Ltd, a leading travel services provider, has fallen victim to a cyber attack targeting its IT infrastructure, the company announced on Tuesday. 

Source: https://cybersecuritynews.com/thomas-cook-hit-by-cyber-attack/
 

Hackers exploit DoS flaw to disable Palo Alto Networks firewalls 

Palo Alto Networks is warning that hackers are exploiting the CVE-2024-3393 denial of service vulnerability to disable firewall protections by forcing it to reboot. 

Source: https://www.bleepingcomputer.com/news/security/hackers-exploit-dos-flaw-to-disable-palo-alto-networks-firewalls/
 

Cybersecurity firm’s Chrome extension hijacked to steal users’ data 

At least five Chrome extensions were compromised in a coordinated attack where a threat actor injected code that steals sensitive information from users. 

Source: https://www.bleepingcomputer.com/news/security/cybersecurity-firms-chrome-extension-hijacked-to-steal-users-data/
 

Cloud Atlas Deploys VBCloud Malware: Over 80% of Targets Found in Russia 

The threat actor known as Cloud Atlas has been observed using a previously undocumented malware called VBCloud as part of its cyber attack campaigns targeting “several dozen users” in 2024. 

Source: https://thehackernews.com/2024/12/cloud-atlas-deploys-vbcloud-malware.html
 

FICORA and Kaiten Botnets Exploit Old D-Link Vulnerabilities for Global Attacks 

Cybersecurity researchers are warning about a spike in malicious activity that involves roping vulnerable D-Link routers into two different botnets, a Mirai variant dubbed FICORA and a Kaiten (aka Tsunami) variant called CAPSAICIN. 

Source: https://thehackernews.com/2024/12/ficora-and-kaiten-botnets-exploit-old-d.html
 

Nitrogen Ransomware Attacks Encrypts Files With .NBA Extension 

A new ransomware strain, dubbed Nitrogen, has emerged as a significant threat over the past four months, targeting organizations across industries including construction, financial services, manufacturing, and technology. 

Source: https://cybersecuritynews.com/nitrogen-ransomware-attacks-organizations/   

  

Smarttech247