9-May-2024: Change Healthcare and Boeing Hit by Ransomware Attacks, LockBit

Welcome to Hacked dAily, the cutting-edge, AI-driven cybersecurity podcast from Cytadel Cyber, delivering the latest in cyber threats and security innovations. First, we dive into the sentencing of Daniel Christian Hulea, a Romanian national, who received a 20-year prison sentence for his role in NetWalker ransomware attacks, collecting $21.5 million in bitcoin from global victims. Hulea's scheme escalated during the COVID-19 pandemic, and he has been ordered to pay almost $15 million in restitution. Next, we explore a sophisticated mishing campaign exploiting DocuSign to trick users into revealing their corporate credentials. The criminals disguise phishing sites as genuine document-signing requests, highlighting the evolving ingenuity of cyber attackers. In another troubling discovery, spyware posing as a health app was found on the Amazon Appstore. Camouflaged as a blood pressure tracker, it secretly gathered personal data from users across several countries, prompting urgent advice to uninstall the app. In ransomware news, the notorious LockBit group is hinting at releasing an upgraded malware version, potentially increasing cyber threats. The cybersecurity community is on edge, preparing for any new developments. Finally, Google unveils a new AI-powered security feature for Chrome, designed to detect potential scam websites. This tool represents a major stride in combating phishing and enhancing online safety. Stay informed with Hacked dAily as we bring you the most critical updates from the cybersecurity frontier.This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.

22 Dec 20243min

Welcome to Hacked dAily, the first AI-driven cybersecurity podcast by Cytadel Cyber, bringing you the latest in cyber news each day. Today's top stories: 1. The United States has charged Mikhail Vasiliev, a dual national from Russia and Israel, with distributing ransomware linked to the Lockbit group, amid global efforts to combat cybercrime impacting critical infrastructure and businesses. 2. A new method using Large Language Models is complicating cyber threat detection by obfuscating malicious JavaScript. Researchers reveal these models transform harmful code, evading traditional security measures, signaling a technological chess match between defenders and cybercriminals. 3. North Korean hackers target the nuclear power sector, carrying out cyber-espionage via phishing tactics. Linked to North Korea’s Reconnaissance General Bureau, this campaign heightens global nuclear security risks, urging improved cybersecurity protocols. In other news, Ascension faces a ransomware breach affecting 5.6 million individuals’ data, prompting urgent security enhancements. And finally, Builder.ai’s recent database misconfiguration exposed 1.29 terabytes of records, spotlighting the essential need for robust data protection to prevent unauthorized access. Stay with Hacked dAily for your essential cyber updates. Don't forget to follow and tune in tomorrow for more insights into the ever-evolving world of cybersecurity.This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.

21 Dec 20243min

Dive into today's insights on Hacked dAily, the premier AI-driven cybersecurity podcast by Cytadel Cyber. Our first headline covers the Cybersecurity and Infrastructure Security Agency's (CISA) latest alert regarding a severe vulnerability in BeyondTrust software. The flaw, which impacts BeyondTrust Privilege Management, is reportedly being exploited, urging organizations to strengthen their defenses promptly. Next, we explore the alarming trend of sophisticated malware targeting engineering workstations within operational and industrial control systems. These cyber threats could disrupt vital industrial processes, making it imperative for companies to implement enhanced security measures. Our third story focuses on Fortinet's urgent advisory about a critical vulnerability in its FortiWLM wireless management product. Identified as CVE-2023-29163, this flaw poses a risk of unauthorized access, underscoring the need for immediate patch applications to protect vital network infrastructures. In other news, the cybersecurity community grapples with NotLockBit, a novel ransomware variant capable of wreaking havoc on both macOS and Windows platforms. With advanced capabilities like data exfiltration and self-deletion, it highlights the necessity for robust cybersecurity protocols and regular data backups. Finally, we discuss the transformative impact of AI on phishing scams. AI is making phishing more sophisticated and harder to identify, emphasizing the importance of training and vigilance in spotting inconsistencies and verifying suspicious communications. Join us tomorrow for more cybersecurity updates.This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.

20 Dec 20243min

Welcome to Hacked dAily, the first AI-driven cybersecurity podcast brought to you by Cytadel Cyber, where we dive into the critical cyber happenings shaping the digital landscape. Here's what's on our radar today: In a massive breach impacting millions, credit and debit card information of nearly 5 million consumers has been exposed, shedding light on persistent vulnerabilities in financial data security systems. Cybercriminals have upped their game with fake CAPTCHA pages mimicking trusted services such as Google and CloudFlare. These fraudulent pages execute malware through clipboard scripts, threatening user data with infostealers and remote-access trojans. A revamped version of the notorious Python malware, NodeStealer, targets Facebook Ads Manager accounts. This variant aims at data theft and unauthorized ad placements, stressing the need for enhanced cybersecurity measures for social media-reliant businesses. The NCC Group's latest Threat Pulse report reveals the rise of Ymir ransomware, emphasizing a notable collaboration among cybercriminals. Using a single-extortion approach, Ymir poses challenges for detection, with Europe and North America encountering a significant increase in ransomware incidents this November. Lastly, the use of AI by cybercriminals presents a new threat through "white pages," which disguise phishing schemes behind seemingly legitimate content. Leveraging AI-generated material, these pages demonstrate AI's dual potential in both constructive and malevolent applications. Stay tuned daily for essential cybersecurity insights with Hacked dAily!This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.

19 Dec 20243min

Welcome to Hacked dAily, the first AI-driven cybersecurity podcast by Cytadel Cyber. On today's episode, we dive into the latest cyber threats, regulatory actions, and innovations in the industry. First up, Thai police systems are reeling from a cyberattack by the 'Yokai' backdoor. Originating from an unidentified hacker group, this breach exposes vulnerabilities in Thailand's governmental networks, sparking urgent calls for improved digital defenses. In Europe, Meta faces a €251 million fine by the Irish Data Protection Commission following a 2018 breach that compromised data from 29 million accounts. This hefty penalty highlights increasing regulatory scrutiny and long-lasting aftermaths tech giants face over data protection missteps. Across the tech landscape, Microsoft Azure Data Factory is grappling with bugs that threaten cloud infrastructure security. Potentially leading to unauthorized access and disruptions, these issues underscore the pressing need for robust security strategies. Microsoft is currently investigating and working to resolve these vulnerabilities. In other news, the ransomware group Interlock has breached Texas Tech University Health Sciences Center, impacting over 1.46 million patients. Similarly, Telecom Namibia suffers a cyberattack by the Hunters International Ransomware Gang, who leaked sensitive government data after unmet ransom demands. Lastly, Wald.ai has unveiled a new DLP tool to protect AI platforms, marking a significant step in data security for emerging technologies. Tune in tomorrow for the latest in cybersecurity. Stay safe out there!This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.

18 Dec 20243min

Welcome to Hacked dAily, the first AI-driven cybersecurity podcast brought to you by Cytadel Cyber. Stay tuned for today's top stories on the latest developments and threats in the cyber realm. First, the FBI is alerting organizations about cyberattacks utilizing HiatusRAT malware. This insidious malware targets network devices such as web cameras and DVRs, compromising security and privacy by granting hackers unauthorized access and control. Next, the Mask APT group, also known as Careto, has resurfaced with more advanced malware capable of targeting multiple platforms, including Windows, macOS, and Linux. The sophistication of these attacks poses increased risks to governments and businesses worldwide. In other news, cybercriminals are deploying malicious ads with fake CAPTCHA pages to spread the Lumma infostealer. This tactic deceives users into downloading the malware, leading to the theft of credentials and financial information. Stay vigilant in verifying online security checks to avoid falling prey. Additionally, the US Marshals Service faces a second ransomware attack within two years. This breach underscores the urgent need for enhanced cybersecurity measures to protect sensitive government data. Lastly, beware of a new investment scam leveraging AI and social media ads. These scams utilize fake testimonials and professional profiles to lure unsuspecting investors, emphasizing the importance of verifying investment opportunities. Join us tomorrow for another episode of Hacked dAily. Stay safe, stay secure.This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.

17 Dec 20243min

Welcome to Hacked dAily, the first AI-driven cybersecurity podcast brought to you by Cytadel Cyber. Stay updated on the latest in cyber threats and security trends every day. In today's top stories, the Ukraine-Russia conflict takes a disturbing turn as reports surface about Ukrainian minors being recruited for cyber operations. This development raises serious ethical concerns about the involvement of children in war-torn regions. Google's advertising platform becomes a battleground with a new phishing campaign targeting Kaiser Permanente employees. The attackers impersonated the health care company's HR portal and used a fake browser update to deploy the SocGholish malware, highlighting ongoing threats in search ads. Data theft makes headlines again as the Clop ransomware group claims to have infiltrated Cleo company's systems, exfiltrating sensitive information. This incident underscores the growing sophistication of ransomware attacks on businesses. In other news, Rhode Island's RIBridges system faces a ransomware threat, prompting potential data leaks and urging users to enhance their security measures. The state ensures affected households are informed about accessing free credit monitoring. Finally, we address a rising threat to AI industries with 'TPUXtract.' This new vulnerability allows attackers to extract AI models from Tensor Processing Units, emphasizing the urgent need for safeguarding AI intellectual property. Stay tuned for more updates on "Hacked dAily." Protecting your digital world starts with staying informed.This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.

16 Dec 20243min

Welcome to Hacked dAily, the first AI-driven cybersecurity podcast by Cytadel Cyber, your daily dose of the latest in the fast-evolving world of cybersecurity. In today's episode, we discuss a significant breach affecting WordPress. A supply chain attack has compromised around 390,000 accounts, infiltrating through a third-party component. Users are advised to change their passwords and verify the integrity of their plugins and themes. Next, we delve into Krispy Kreme's recent cyberattack that hit its US online ordering systems. This incident serves as a stark reminder of the importance of robust cybersecurity strategies across all industries. Current investigations are underway, with no confirmation yet on compromised customer data. In international news, the Russian cyber espionage group, Turla, has developed Android spyware targeting Ukrainian users. Disguised as a pro-Ukrainian app, this sophisticated malware reflects the growing complexity of state-sponsored cyber threats. Additionally, a ransomware attack has plagued a critical supplier, affecting operations at Starbucks and major UK supermarkets, resulting in significant supply chain disruptions. Finally, we discuss a survey highlighting AI-enhanced cyberattacks as a major threat to API security. These sophisticated attacks challenge current security frameworks, stressing the need for advanced protection measures. Stay tuned for today's insights and expert analysis on Hacked dAily.This episode is sponsored by Cytadel Cyber. Specialist in Ransomware Readiness Assessments, Threat Intel-Led Red Teaming, AI DeepFakes, AI Voice Cloning and AI Vishing Simulations. Cyatdel helps you test your cyber resilience against the threats of today, keeping your data secure. Checkout cytadel.co.uk for more information.

15 Dec 20243min