News

Should entities be required to disclose the name of a vendor if the breach was at the vendor’s?

Bys s December 10, 2025

If this were a poll, DataBreaches would vote “yes.” DataBreaches has never really understood why breach notification letters do not have to reveal the name of a business associate or vendor if the breach occurred on their system. Why shouldn’t business associates or vendors risk the same reputation impact that their clients do? Doesn’t failure…

Source

News

Cisco Warns of Active Attacks Exploiting Unpatched 0-Day in AsyncOS Email Security Appliances
Bys s December 17, 2025

Cisco has alerted users of a maximum-severity zero-day flaw in Cisco AsyncOS software that has been actively exploited by a China-nexus advanced persistent threat (APT) actor codenamed UAT-9686 in attacks targeting Cisco Secure Email Gateway and Cisco Secure Email and Web Manager. The networking equipment major said it became aware of the intrusion campaign on…

Read More Cisco Warns of Active Attacks Exploiting Unpatched 0-Day in AsyncOS Email Security Appliances
News

Newly Emerged GLOBAL GROUP RaaS Expands Operations with AI-Driven Negotiation Tools
Bys s July 15, 2025

Cybersecurity researchers have shed light on a new ransomware-as-a-service (RaaS) operation called GLOBAL GROUP that has targeted a wide range of sectors in Australia, Brazil, Europe, and the United States since its emergence in early June 2025. GLOBAL GROUP was “promoted on the Ramp4u forum by the threat actor known as ‘$$$,’” EclecticIQ researcher Arda…

Read More Newly Emerged GLOBAL GROUP RaaS Expands Operations with AI-Driven Negotiation Tools
News

Hackers Use GitHub Repositories to Host Amadey Malware and Data Stealers, Bypassing Filters
Bys s July 17, 2025

Threat actors are leveraging public GitHub repositories to host malicious payloads and distribute them via Amadey as part of a campaign observed in April 2025. “The MaaS [malware-as-a-service] operators used fake GitHub accounts to host payloads, tools, and Amadey plug-ins, likely as an attempt to bypass web filtering and for ease of use,” Cisco Talos…

Read More Hackers Use GitHub Repositories to Host Amadey Malware and Data Stealers, Bypassing Filters
News

Hospital cyberattack investigation complete, no formal review needed
Bys s June 18, 2025

Paul Pedro reports a follow-up to the massive ransomware attack on Ontario hospitals via an attack on TransForm by the Daixin threat actors: The Information and Privacy Commissioner of Ontario (IPC) has completed a review into a massive cyberattack on five regional hospitals in 2023 and found hospital officials acted “adequately.” But in its decision,…

Read More Hospital cyberattack investigation complete, no formal review needed
News

UNC1549 Hacks 34 Devices in 11 Telecom Firms via LinkedIn Job Lures and MINIBIKE Malware
Bys s September 19, 2025

An Iran-nexus cyber espionage group known as UNC1549 has been attributed to a new campaign targeting European telecommunications companies, successfully infiltrating 34 devices across 11 organizations as part of a recruitment-themed activity on LinkedIn. Swiss cybersecurity company PRODAFT is tracking the cluster under the name Subtle Snail. It’s assessed to be affiliated with Iran’s Islamic

Read More UNC1549 Hacks 34 Devices in 11 Telecom Firms via LinkedIn Job Lures and MINIBIKE Malware
News

Integrated Oncology Network victim of phishing attack; multiple locations affected
Bys s July 8, 2025

HHS added ten listings to its public leak site today, all of which are part of the Integrated Oncology Network (“ION”). According to its substitute notice, on May 9, ION concluded an investigation of a phishing incident that occurred between December 13 and December 16, 2024. The incident resulted in “unauthorized access to patient information…

Read More Integrated Oncology Network victim of phishing attack; multiple locations affected

Similar Posts