November Patch Tuesday does its chores
A cleanup month brings 63 patches… wait, no, 68… how about 61?
Similar Posts
Qilin’s 2024 attack on NHS vendor continues to impact patient care for one NHS Trust
Bys sLong-term follow-ups are important, and DataBreaches is glad that Alexander Martin points out that at least one NHS Trust is still impacted by the Qilin ransomware attack on Synnovis in 2024. From his reporting: At South London and Maudsley NHS Foundation Trust (SLaM), pathology systems have not been restored as of publication, with the trust……
Iranian and Russian Entities Sanctioned for Election Interference Using AI and Cyber Tactics
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Tuesday leveled sanctions against two entities in Iran and Russia for their attempts to interfere with the November 2024 presidential election. The federal agency said the entities – a subordinate organization of Iran’s Islamic Revolutionary Guard Corps and a Moscow-based affiliate of Russia’s Main…
Edmond cybersecurity CEO accused of planting malware on hospital computers
Bys sKilee Thomas reports: Investigators said he walked right into St. Anthony Hospital and put malicious malware on an employee’s computer, which could have exposed critical patient data. Jeffrey Bowie is listed as the CEO of a cyber security company based in Edmond, but instead of helping protect St. Anthony Hospital from hackers, authorities said he…
TeamPCP Hacks Checkmarx GitHub Actions Using Stolen CI Credentials
Bys sTwo more GitHub Actions workflows have become the latest to be compromised by credential-stealing malware by a threat actor known as TeamPCP, the cloud-native cybercriminal operation also behind the Trivy supply chain attack. The workflows, both maintained by the supply chain security company Checkmarx, are listed below – checkmarx/ast-github-action checkmarx/kics-github-action Cloud security
Ghost Campaign Uses 7 npm Packages to Steal Crypto Wallets and Credentials
Bys sCybersecurity researchers have uncovered a new set of malicious npm packages that are designed to steal cryptocurrency wallets and sensitive data. The activity is being tracked by ReversingLabs as the Ghost campaign. The list of identified packages, all published by a user named mikilanjillo, is below – react-performance-suite react-state-optimizer-core react-fast-utilsa ai-fast-auto-trader
NL: Suspects report themselves via new reporting form
Bys sThe Dutch police’s new self-reporting form is proving successful. In the first three months since the form’s launch, several suspects have self-reported, including for involvement in violence and bank helpdesk fraud. Dozens more reports were also received, including from people who witnessed a crime or wanted to report damage they had caused. “We’re pleased that……