"Rural Hospitals May Be More Vulnerable to Ransomware Attacks"

According to a new study led by the University of Minnesota School of Public Health, although ransomware attacks are more likely in urban areas, operational disruptions may have a greater impact on financially vulnerable rural hospitals and their patients. Patients at rural hospitals are often older, with more health issues and pre-existing barriers to healthcare. Researchers analyzed data on the operations of 43 rural hospitals and 117 urban hospitals that were hit by ransomware attacks between 2016 and 2021.

Submitted by Gregory Rigby on

"FBI Warns Crypto Firms of Aggressive Social Engineering Attacks"

The Federal Bureau of Investigation (FBI) warns of North Korean hacking groups performing sophisticated social engineering attacks against cryptocurrency companies and their employees to launch malware aimed at stealing cryptocurrency assets. The FBI says their social engineering tactics are targeted and hard to detect. The North Korean threat actors have been researching potential targets, with a focus on individuals linked to cryptocurrency Exchange-Traded Funds (ETFs) and other related financial products.

Submitted by Gregory Rigby on

"Rapid Growth of Password Reset Attacks Boosts Fraud and Account Takeovers"

According to the annual "LexisNexis Risk Solutions Cybercrime Report," one in four password reset attempts from desktop browsers is fraudulent. These fraud attempts are part of a rise in password reset attacks. Researchers discovered that fraudsters attempt 70,000 password reset attacks in the UK per week to take over online accounts. Media streaming, e-commerce, and mobile accounts are the most targeted. This article continues to discuss key findings regarding password reset attacks.

Submitted by Gregory Rigby on

"CISA Launches New Portal to Improve Cyber Reporting"

As part of its ongoing effort to improve cyber incident reporting, the US Cybersecurity and Infrastructure Security Agency (CISA) moved its cyber incident reporting form to the new CISA Services Portal. The portal lets users save and update reports, share them with colleagues or clients for third-party reporting, and search and filter reports. This article continues to discuss the new portal launched by CISA to enhance cyber reporting.

Submitted by Gregory Rigby on

"Cicada3301 Ransomware Group Emerges From the Ashes of ALPHV"

Researchers at Truesec have discovered new double extortion ransomware with links to the "ALPHV/BlackCat" variant and the "Brutus" botnet. The "Cicada3301" group targets VMware ESXi environments with the goal of shutting down Virtual Machines (VMs), deleting snapshots, and encrypting data. The group's first data leak site post was on June 25, followed by an invitation to new affiliates to join the platform four days later on a cybercrime forum. This article continues to discuss findings regarding the Cicada3301 ransomware group.

Submitted by Gregory Rigby on

"Active Ransomware Groups Surge by 56% in 2024"

A new Searchlight Cyber report reveals a 56 percent rise in ransomware gangs in the first half of 2024. In the first half of 2024, researchers observed 73 ransomware groups operating compared to 46 during the same period in 2023. This trend follows law enforcement operations that disrupted several high-profile Ransomware-as-a-Service (RaaS) groups in the past year. According to the researchers, smaller, lesser-known groups are emerging quickly and launching highly targeted attacks, often stopping and then resurfacing under new names.

Submitted by Gregory Rigby on

"UB Researchers Find Vulnerabilities in Safety of AI in Driverless Cars"

Ongoing research conducted by the University of Buffalo looks into how vulnerable Artificial Intelligence (AI) systems in self-driving vehicles are to an attack. Their findings suggest that malicious actors may cause these systems to fail. For example, strategically placing 3D-printed objects on a vehicle can make it invisible to AI-powered radar systems, preventing detection. The research notes that while AI can process a lot of information, it can also get confused and deliver incorrect information if it is provided with special instructions that it was not trained to handle.

Submitted by Gregory Rigby on

"Intel Responds to SGX Hacking Research"

After a researcher claimed to have hacked Intel's Software Guard Extensions (SGX) data protection technology, the chip giant has issued clarifications. Mark Ermolov, a security researcher at Positive Technologies who specializes in Intel products, recently revealed that he and his team extracted cryptographic keys pertaining to Intel SGX. SGX is designed to protect code and data from software and hardware attacks. The technology stores them in a Trusted Execution Environment (TEE) known as an enclave, a separated and encrypted region.

Submitted by Gregory Rigby on

"Palo Alto's GlobalProtect VPN Spoofed to Deliver New Malware Variant"

Researchers at Palo Alto Networks discovered that its Virtual Private Network (VPN) software, GlobalProtect, was spoofed to distribute a new variant of the "WikiLoader" loader malware, also known as "WailingCrab." WikiLoader is a sophisticated downloader malware first identified in 2022 by Proofpoint researchers who made it public in 2023. Palo Alto Networks' Unit 42 shared findings regarding the WikiLoader campaign involving GlobalProtect-themed Search Engine Optimization (SEO) poisoning. This article continues to discuss findings surrounding the new WikiLoader campaign.

Submitted by Gregory Rigby on

"Vulnerabilities in Microsoft Apps for macOS Allow Stealing Permissions"

Cisco Talos researchers found eight vulnerabilities in Microsoft apps for macOS that enable attackers to inject malicious libraries and steal permissions. Exploitation could allow access to the microphone, camera, and other sensitive resources. The researchers analyzed the platform's permission-based security model, which is based on the Transparency, Consent, and Control (TCC) framework. This article continues to discuss the potential exploitation and impact of vulnerabilities in Microsoft apps for macOS.

Submitted by Gregory Rigby on