Prospect Medical Holdings operates over 150 clinics and dozens of hospitals in Southern California, Connecticut, Pennsylvania, and Rhode Island. In a notice sent to impacted clients on September 29, the organization disclosed that an "unauthorized party gained access to its IT network." The attack allegedly occurred between July 31 and August 3 of this year. The company's internal investigation revealed that threat actors accessed files containing employee and dependent information.

Researchers have found BunnyLoader, another Malware-as-a-Service (MaaS) threat, being sold on the cybercrime underground. According to Zscaler ThreatLabz researchers, BunnyLoader provides different functionalities such as downloading and executing a second-stage payload, stealing browser credentials, and more. Its other capabilities include running remote commands on the infected machine, a keylogger to collect keystrokes, and a clipper functionality to monitor the victim's clipboard and replace content matching cryptocurrency wallet addresses with actor-controlled addresses.

The LostTrust ransomware campaign is believed to be a rebranding of MetaEncryptor, using nearly identical data leak sites and encryptors. LostTrust started attacking organizations in March 2023, but it did not become widely known until September when a data leak site went live. Currently, the site lists 53 victims worldwide, some of whom have already had their data leaked for not paying the demanded ransom. It is unknown whether the ransomware group only targets Windows devices or also uses a Linux encryptor.

Sensitive Department of Homeland Security (DHS) information might have been compromised in a recent ransomware attack aimed at government contractor Johnson Controls International.  The cybercrime group claims to have exfiltrated 27TB of sensitive data from Johnson Controls.  The company serves clients in the education, government, healthcare, hospitality, naval, and transportation sectors, including the DoD, DHS, and other government agencies in the US.

An Israeli surveillanceware company used the three recently revealed Apple zero-day vulnerabilities to create an exploit chain for iPhones, and a Chrome zero-day to exploit Androids in a novel attack against Egyptian organizations. According to a recent report by Google's Threat Analysis Group (TAG), "Intellexa" used the special access it gained through the exploit chain to install its "Predator" spyware on unidentified targets in Egypt. Predator was initially developed by Cytrox, one of several spyware developers that Intellexa has absorbed in recent years.

According to NETSCOUT, cybercriminals launched about 7.9 million Distributed Denial-of-Service (DDoS) attacks in the first half of 2023, a 31 percent increase year-over-year. Recent DDoS attack growth has been fueled by global events such as the Russia-Ukraine war and NATO bids. NETSCOUT observed a global increase of 79 percent in DDoS attacks against wireless telecommunications providers during the second half of 2022.

The official website of the UK’s royal family on Sunday was taken offline by a distributed denial of service (DDoS) attack.  According to reports, the Royal.uk site was unavailable for around 90 minutes, starting at 10 am local time.  It was fully functional again soon after.  Notorious Russian hacktivist group Killnet has reportedly boasted on its Telegram channel of being responsible for the attack, although that has yet to be confirmed.

Reimagining Security with Cyberpsychology-Informed Network Defenses (ReSCIND) is a new cyberpsychology research program from the US Defense Department's Intelligence Advanced Research Projects Activity (IARPA) that focuses on how cybercriminals act and think. According to IARPA program manager Kimberly Ferguson-Walter, the ReSCIND program aims to research the cyberpsychology of cybercriminals to identify their cognitive flaws and improve cybersecurity.

Generative Artificial Intelligence (AI) tools, such as OpenAI's ChatGPT, Microsoft's Bing Chat, and Google's Bard, have quickly become the most discussed topic in technology, sparking talks about their role in higher education and more. Harvard announced its initial guidelines for using generative AI tools in July, and strong community demand presented University administrators with the challenge of meeting this need while addressing the security and privacy flaws of many consumer tools.

New research delves into how Internet of Things (IoT) devices, which are not as well protected as traditional computers regarding firewalls, antivirus, and malware protection, can represent a significant system vulnerability. In addition to potential financial loss, such threats can disrupt infrastructure and government, as well as endanger human lives, especially in healthcare facilities. A team of researchers from Tallinn University of Technology and the University at Albany developed a comparative framework for modeling the cyber threat to IoT devices and networks.