Daily Cyber Brief

Iran confirms hack of atomic energy organization, Feds warn of ransomware campaigns against healthcare sector, and SideWinder uses new WarHawk backdoor...

Cybersecurity

Iran’s atomic energy agency confirms hack after stolen data leaked online

The Iranian Atomic Energy Organization (AEOI) has confirmed that one of its subsidiaries' email servers was hacked after the ''Black Reward' hacking group published stolen data online. AEOI says an unauthorized party from a specific foreign country, which is not named, stole…

Cuba ransomware affiliate targets Ukrainian govt agencies

The Computer Emergency Response Team of Ukraine (CERT-UA) has issued an alert about potential Cuba Ransomware attacks against critical networks in the country. Starting on October 21, CERT-UA observed a new wave of phishing emails that impersonated the Press…

Payment terminal malware steals $3.3m worth of credit card numbers – so far

Cybercriminals have used two strains of point-of-sale (POS) malware to steal the details of more than 167,000 credit cards from payment terminals. If sold on underground forums, the haul could net the thieves upwards of $3.3 million. The backend command-and-control (C2)…

Ransomware group claims attack on Wisconsin school district

A ransomware group took responsibility for a cyberattack on a school district in Wisconsin serving nearly 20,000 students. The Snatch ransomware group added the Kenosha Unified School District to its list of victims on Sunday morning but did not say how much data was…

Apple fixes new zero-day used in attacks against iPhones, iPads

In security updates released on Monday, Apple has fixed the ninth zero-day vulnerability used in attacks against iPhones since the start of the year. Apple revealed in an advisory today that it's aware of reports saying the security flaw "may have been actively exploited.”…

Ransomware Barrage Aimed at US Healthcare Sector, Feds Warn

Daixin Team has actively targeted the US Healthcare and Public Health (HPH) sector since last June, according to a joint advisory issued by the FBI, Cybersecurity and Infrastructure Agency (CISA), and the Department of Health and Human Services (HHS), which provides…

Multiple RCE Vulnerabilities Discovered in Veeam Backup & Replication App

Several critical and high-severity vulnerabilities have been discovered affecting the Veeam Backup & Replication application that could be exploited by advertising fully weaponized tools for remote code execution (RCE). The findings come from security researchers at…

CNC Machines Vulnerable to Hijacking, Data Theft, Damaging Cyberattacks

Researchers at cybersecurity firm Trend Micro have shown that the computer numerical control (CNC) machines present in many modern manufacturing facilities are vulnerable to hacker attacks. Trend Micro is presenting the research this week at SecurityWeek’s 2022 ICS…

In Israel, Albanian PM to Meet Cyber Chief After Iran Hack

Albanian Prime Minister Edi Rama arrived in Israel on Sunday for an official visit that will include a meeting with Israeli cyber defense officials, the Israeli Foreign Ministry said. Rama’s three-day visit came a month after Albania severed diplomatic ties with Iran over a…

SideWinder APT Using New WarHawk Backdoor to Target Entities in Pakistan

SideWinder, a prolific nation-state actor mainly known for targeting Pakistan military entities, compromised the official website of the National Electric Power Regulatory Authority (NEPRA) to deliver a tailored malware called WarHawk. "The newly discovered…

Daily Cyber Brief

Iran confirms hack of atomic energy organization, Feds warn of ransomware campaigns against healthcare sector, and SideWinder uses new WarHawk backdoor...

Cybersecurity

Join the conversation

Overt Operator