NICKEL TAPESTRY expands fraudulent worker operations
The North Korean IT worker scheme grows to include organizations in Europe and Asia and industries beyond the technology sector
Similar Posts
Advancing cybersecurity for K-12 and libraries: Strategic considerations for the FCC Cybersecurity Pilot Program
Bys sIf you are preparing an RFP or Form 470 submission under the Cybersecurity Pilot Program, we encourage you to connect with us.
New ZuRu Malware Variant Targeting Developers via Trojanized Termius macOS App
Bys sCybersecurity researchers have discovered new artifacts associated with an Apple macOS malware called ZuRu, which is known to propagate via trojanized versions of legitimate software. SentinelOne, in a new report shared with The Hacker News, said the malware has been observed masquerading as the cross‑platform SSH client and server‑management tool Termius in late May 2025….
Indiana health systems unite to help smaller providers tackle cybersecurity
Bys sNaomi Diaz reports: Health systems in Indiana are joining forces to help provide small healthcare providers with actionable cybersecurity measures. The initiative, called Healthcare Cyber in a Box, was developed in collaboration with the Indiana Executive Council on Cybersecurity, a state-led effort originally established by former Gov. Mike Pence and continued under Govs. Eric Holcomb…
Examining impact of federal relief program after major healthcare cyberattack — Research Brief
Bys sThe University of Minnesota has published a research brief: New research from the University of Minnesota School of Public Health provides the first detailed look at whether funding provided through a federal relief program effectively reached hospitals affected by a ransomware attack on Change Healthcare, a major processor of health insurance claims. The 2024 cyberattack exposed the……
Matrix Push C2 Uses Browser Notifications for Fileless, Cross-Platform Phishing Attacks
Bys sBad actors are leveraging browser notifications as a vector for phishing attacks to distribute malicious links by means of a new command-and-control (C2) platform called Matrix Push C2. “This browser-native, fileless framework leverages push notifications, fake alerts, and link redirects to target victims across operating systems,” Blackfog researcher Brenda Robb said in a Thursday report….
Behavioral Health Resources of Washington state updates its data breach disclosure
Bys sOn January 17, Behavioral Health Resources (“BHR”) notified the U.S. Department of Health and Human Services (HHS) of a reportable breach, but not yet having determined the number affected, they used “501” as a placeholder. They also published a preliminary notice on their website. That notice indicated that on or about November 20, 2024, they…