Researchers have revealed more about the "Qilin" ransomware group, which recently demanded $50 million from the healthcare sector. Synnovis, a pathology services provider, was attacked earlier this month, affecting several NHS hospitals in London. Starting in February 2023, Qilin has been offering Ransomware-as-a-Service (RaaS) on underground forums. Qilin moved from Go-based "Agenda" ransomware to Rust, marking a move toward more robust and efficient malware. The group has compromised more than 150 organizations in 25 countries, affecting many industries.

According to Microsoft, the "Scattered Spider" cybercrime gang has added "Qilin" ransomware to its arsenal. ​The Qilin ransomware operation that Scattered Spider just joined emerged in August 2022 under the name "Agenda," but was rebranded as Qilin just one month later. The Qilin gang has hit about 130 companies, based on its dark web leak site. This article continues to discuss Scattered Spider hackers' use of Qilin ransomware.

Interpol has defeated several West African cybercriminal groups, including the "Black Axe" syndicate. "Operation Jackal III" took place from April 10 to July 3 in 21 countries on five continents, resulting in 300 arrests and $3m in asset seizures. Police blocked over 720 bank accounts and identified 400 suspects. Black Axe may have operated for decades. It has made a lot of money in romance fraud, Business Email Compromise (BEC), and other financial crimes. This article continues to discuss the success of Operation Jackal III.

Attackers are exploiting a patched Apache HugeGraph vulnerability. Apache HugeGraph is an open source graph database system used to build applications based on graph databases. Its developers disclosed a flaw in HugeGraph-Server in April that enables remote command execution. The vulnerability was patched with the release of version 1.3.0. However, the Shadowserver Foundation reported attempts to exploit the flaw in the wild, with attacks originating from eight IP addresses. This article continues to discuss the exploitation of a recently patched Apache HugeGraph vulnerability.

Google recently announced security updates for Chrome 126 that address ten vulnerabilities, including eight high-severity bugs reported by external researchers.  Google noted that the new Chrome 126 release resolves an inappropriate implementation flaw in V8, a type confusion in V8, use-after-free bugs in Screen Capture, Media Stream, Audio, and Navigation, a race condition in DevTools, and an out-of-bounds memory access in V8.  Google says it paid out $10,000 and $7,000 bug bounty rewards for the inappropriate implementation and type confusion vulnerabilities in V8.

MNGI Digestive Health has started notifying over 765,000 individuals that their personal information was compromised in an August 2023 data breach.  The incident occurred on August 20, 2023, but it took MNGI almost one year to determine that personal and protected health information was accessed.  MGNI says that the potentially compromised information includes names, dates of birth, Social Security numbers, driver’s licenses and state ID numbers, passport numbers, biometric data, health insurance information, and medical information.

Virginia-based furniture manufacturer and retailer Bassett Furniture has recently announced that it was targeted in a ransomware attack that caused significant disruptions, including in the company's manufacturing facilities. The company detected unauthorized access to its IT systems on July 10. Bassett Furniture said the threat actor disrupted its business operations by encrypting "some data files." The company noted that retail stores and the e-commerce platform are open, and customers can place orders and purchase available merchandise; however, the company's ability to fu

Cybersecurity analysts at FortiGuard Labs have warned of a significant uptick in cyber threats targeting the upcoming Paris 2024 Olympics. The researchers noted that cybercriminals have been intensifying their efforts for more than a year, gearing up with sophisticated tools and tactics aimed at exploiting the global event.  The researchers said there was a substantial surge in darknet activity, with an 80-90% increase observed between the second half of 2023 and the first half of 2024.  The researchers say they saw a huge increase in phishing kits tailored for the Olympics.

A threat actor recently released over 15 million email addresses associated with Trello accounts that were collected using an unsecured API in January.  Trello is an online project management tool owned by Atlassian.  Businesses commonly use it to organize data and tasks into boards, cards, and lists.  In January, a threat actor known as "emo" was selling profiles for 15,115,516 Trello members on a popular hacking forum.  The leaked data includes email addresses and public Trello account information, including the user's full name.