Virginia-based Richmond Behavioral Health Authority had data from 113,232 individuals stolen following a ransomware attack in late September that has been claimed by the Qilin ransomware operation, SecurityWeek reports.
Online Gladinet CentreStack file servers are already being scoured and compromised by the Clop ransomware group as part of a new data extortion campaign, reports BleepingComputer.
Updated DocSwap Android malware deployed by Kimsuky Malicious QR codes and pop-up notifications on websites spoofing South Korean logistics company CJ Logistics have been used by North Korean state-backed advanced persistent threat operation Kimsuky to distribute the updated DocSwap Android malware, reports The Hacker News.
Threat group Jolly Scorpius has integrated double extortion capabilities into its updated RansomHouse ransomware-as-a-service platform, Cyber Security News reports.
Over 1,800 suspected North Korean scammers had their attempts to obtain remote IT work at Amazon quashed since April 2024 as the firm recorded a 27% quarter-over-quarter increase in North Korea-linked job applications, The Register reports.
Newly emergent Kimwolf botnet has already compromised at least 1.8 million Android devices worldwide, with its command-and-control server site surpassing Google on website charts in late October, suggesting the possibility of widespread distributed denial-of-service intrusions, Cybernews reports.
Hacked internal email accounts have been leveraged by advanced persistent threat operation Blind Eagle to compromise Colombian government agencies with multi-stage malware, reports GBHackers News.
Fast Five
Selected by the SC Media Editorial team every Tuesday.
Sign up now for the top five issues cybersecurity pros need to know this week.
