"UK Plans Tough New Security Rules For Data Centers"

The UK government has recently proposed new rules designed to regulate the data center sector in a bid to improve baseline cybersecurity and resilience. Under the current proposals, data center providers would have a "duty to take appropriate and proportionate technical and organizational measures" to manage security and resilience risk.

Submitted by Adam Ekwall on

"CISA Releases Key Risk and Vulnerability Findings for Healthcare and Public Health Sector"

The Cybersecurity and Infrastructure Security Agency (CISA) has released a Cybersecurity Advisory (CSA) titled "Enhancing Cyber Resilience: Insights from the CISA Healthcare and Public Health Sector Risk and Vulnerability Assessment," which details the agency's key findings and activities during a Risk and Vulnerability Assessment (RVA) performed at a Healthcare and Public Health (HPH) organization in early 2023. The advisory also gives network defenders and software vendors suggestions on how to improve their organizations' and customers' cyber posture.

Submitted by grigby1 CPVI on

"Seattle Cancer Center Confirms Cyberattack After Ransomware Gang Threats"

The Fred Hutchinson Cancer Center in Seattle has been targeted by a cyberattack claimed by the Hunters International ransomware group. The ransomware group claimed to have stolen 533 GB of data from the Fred Hutchinson Cancer Center, listing the organization on its leak site. According to reports, the group was also extorting individual patients. The Fred Hutchinson Cancer Center is a non-profit organization and Washington's only National Cancer Institute-designated cancer center. It has eight clinical care centers that offer a wide range of services and conduct research.

Submitted by grigby1 CPVI on

"Four Charged in Connection With $80m Pig Butchering Scheme"

Four US residents have recently been charged with a series of money laundering offenses connected to a major "pig butchering" fraud syndicate. Lu Zhang, 36, of Alhambra, California; Justin Walker, 31, of Cypress, California; Joseph Wong, 32, of Rosemead, California; and Hailong Zhu, 40, of Naperville, Illinois, are charged with conspiracy to commit money laundering, concealment money laundering, and international money laundering.

Submitted by Adam Ekwall on

"New NKAbuse Malware Abuses NKN Blockchain for Stealthy Comms"

NKAbuse is the first malware to abuse New Kind of Network (NKN) technology for data exchange, which makes it a stealthy threat. According to researchers, NKAbuse is a Go-based multi-platform malware. NKN is a decentralized peer-to-peer (P2P) network protocol that uses blockchain technology to manage resources as well as maintain a secure and transparent model for network operations. This article continues to discuss findings regarding the NKAbuse malware.

Submitted by grigby1 CPVI on

"Israeli Company Hires Overseas Attackers for 'Hack Back' Effort"

Doron Amir, CEO of CyTaka, a cybersecurity awareness and training company, hired a network of offensive cyber hackers worldwide to target disinformation distribution and offensive cyber operations that fund terrorist organizations. While Israeli law prohibits private cyber companies from attacking international cyber systems, Amir says he is using attackers from other countries "operating within legal frameworks." Allowing people to engage in offensive cyber operations, along with proper supervision and accountability, according to Amir, would deter cyberattacks.

Submitted by grigby1 CPVI on

"OilRig Targets Israel Organizations With New Lightweight Downloaders"

ESET researchers analyzed an increasing number of new OilRig downloaders used by the group in multiple campaigns in 2022 to maintain access to targeted Israeli organizations. OilRig is an Advanced Persistent Threat (APT) group believed to be based in Iran. Its operations, including the latest downloaders, are aimed at cyber espionage. Victims have included a healthcare organization, a manufacturing company, and a local government agency. This article continues to discuss the new lightweight downloaders used by the OilRig APT group in attacks against Israeli organizations.

Submitted by grigby1 CPVI on

"116 Malware Packages Found on PyPI Repository Infecting Windows and Linux Systems"

Researchers have discovered 116 malicious packages in the Python Package Index (PyPI) repository. These packages are designed to install a custom backdoor on Windows and Linux systems. According to ESET researchers, in some cases, the final payload is a variant of the W4SP Stealer, or a clipboard monitor that steals cryptocurrency, or both. Since May 2023, the packages have likely been downloaded more than 10,000 times. This article continues to discuss the 116 malicious packages on the PyPI repository designed to infect Windows and Linux systems with a custom backdoor.

Submitted by grigby1 CPVI on

"Personal Information of 45,000 Individuals Stolen in Idaho National Laboratory Data Breach"

Idaho National Laboratory (INL) has recently started notifying 45,000 individuals that their personal information was stolen in a data breach last month. The incident was identified on November 20 and impacted the Oracle Human Capital Management (HCM) software that INL uses for certain human resources applications. INL noted that no INL systems nor other "networks or databases used by employees, lab customers or other contractors" were compromised as part of the attack.

Submitted by Adam Ekwall on

"Food Giant Kraft Heinz Targeted by Ransomware Group"

A ransomware group known as Snatch claims to have breached the systems of Kraft Heinz, but the food giant says it's unable to verify the cybercriminals' allegations. The ransomware group publicly named Kraft Heinz on its website on December 14, but the post appears to have been created on August 16, which indicates that the attack occurred months ago. Kraft Heinz said it's investigating claims of a cyberattack that occurred several months ago.

Submitted by Adam Ekwall on