TellYouThePass Ransomware Exploits PHP Vulnerability in June 2024
In June 2024, the TellYouThePass ransomware group exploited a critical vulnerability in PHP for Windows (CVE-2024-4577), a widespread and widely-used scripting language. This vulnerability allowed attackers to execute remote code…
Dev Popper Campaign (May 2024): Hackers Exploit Fake Job Interviews to Distribute Python-based RAT Targeting Developers
In May 2024, cybersecurity researchers uncovered a sophisticated attack campaign known as “Dev Popper,” where hackers posed as recruiters conducting fake job interviews to distribute a Python-based Remote Access Trojan…
Pro-Russian Hacktivist Attacks on Water Infrastructure (May 2024): OT Systems Targeted in U.S. and European Water Facilities
In May 2024, pro-Russian hacktivist groups launched a coordinated series of cyberattacks on water infrastructure in both the United States and Europe. These attacks targeted Operational Technology (OT) systems, which…
Cencora (Healthcare Sector) Cyberattack: May 2024 Data Breach
In May 2024, Cencora, a major player in the U.S. healthcare sector, suffered a significant cyberattack resulting in a data breach that compromised sensitive patient and organisational data. Cencora, previously…
Okta Credential Stuffing Attacks Surge in May 2024: Okta Advises Enhanced Security with ThreatInsight
In May 2024, Okta, a leading provider of identity and access management (IAM) solutions, reported a significant increase in credential stuffing attacks targeting its user base. These attacks, which involve…
Microsoft Patch Tuesday (May 2024): Breakdown of 60 Vulnerabilities, Including Active Zero-Day Exploits
Microsoft’s Patch Tuesday in May 2024 addressed 60 vulnerabilities across a wide range of its products, including Windows, Microsoft Office, and Azure. Among these, several critical zero-day vulnerabilities were actively…
Rhysida Ransomware Attack on Singing River Health System: Data of 895,000 Individuals Exfiltrated
On May 14th, 2024, the Rhysida ransomware group executed a highly disruptive cyberattack on Singing River Health System, compromising the personal data of approximately 895,000 individuals. The attack resulted in…
RansomHub Ransomware Attack on Christie’s Auction House: Live Auctions Delayed and Website Taken Offline
On May 12th, 2024, Christie’s Auction House fell victim to a ransomware attack orchestrated by the RansomHub group. The attack forced Christie’s to temporarily shut down its website and delay…
BlackBasta Ransomware Attack on Ascension Health: Clinical Operations Disrupted
Black Basta, Ascension, ransomware, healthcare, clinical disruption, double extortion, incident response, MITRE ATT&CK 1. Executive Summary On 8 May 2024, US healthcare provider Ascension detected suspicious activity and enacted downtime…
LockBit Ransomware Disrupts Wichita Government: Shutdown of Systems and Critical Services
On May 5th, 2024, the city of Wichita, Kansas, experienced significant disruptions after a LockBit ransomware attack targeted its government systems. The attack forced the shutdown of several critical services,…