Alphv/BlackCat claims to have stolen the data of 2.5 million McLaren Health Care patients. (Image: McLaren Health Care)

Group Claims It Stole 2.5 Million Patients' Data in Attack

Marianne Kolbasuk McGee • October 3, 2023

Ransomware-as-a-service gang Alphv/BlackCat claims to have stolen 6 terabytes of data on 2.5 million patients in a recent attack on Michigan-based McLaren Health Care, which operates 13 hospitals and a network of cancer centers. The incident is part of the group's rash of recent attacks.

►

Artificial Intelligence & Machine Learning

Chinese Hackers Target Routers in IP Theft Campaign

Latest

Endpoint Security

Chinese APT Actors Target WeChat Users

Jayant Chakravarti • October 3, 2023

Security researchers linked a surveillance toolkit called LightSpy to Chinese threat group APT41, which has a history of using surveillance malware on iOS and Android devices. The group used spam messages to convince users download a malicious WeChat application.

Governance & Risk Management

Palo Alto, Microsoft, Check Point Lead Zero Trust: Forrester

Michael Novinson • October 3, 2023

Palo Alto Networks remains a leader in Forrester's zero trust platform rankings while Microsoft and Check Point entered the leaders category for the first time. Vendors in the zero trust platform space ditched point products and pursued organic investments or M&A to create a broader offering.

DevSecOps

Ransomware Actors Exploit Critical Bug, Target DevOps Tool

Mihir Bagwe • October 3, 2023

Ransomware hackers are using a critical flaw in a DevOps tool days developer JetBrains issued a critical security update to patch its TeamCity build management and continuous integration server. Servers such as TeamCity are high-value targets since they manage source code, keys and secrets.

Standards, Regulations & Compliance

France Closes in on Digital Safety Bill

Akshaya Asokan • October 3, 2023

French lawmakers on Wednesday will mull limits on virtual private networks as part of an anti-cybercrime measure that would also require web browsers to notify users when they access websites listed on a government blacklist. The bill, widely known as SREN, passed the French Senate in June.

Encryption & Key Management

EU Lawmaker Questions CSAM Proposal 'Conflicts of Interest'

Akshaya Asokan • October 2, 2023

The head of a key European Parliament committee said he's concerned about media reports suggesting that a proposal mandating that instant messenger apps scan for CSAM was crafted under the influence of an American tech foundation and a nonprofit with ties the British and U.S. government.

Governance & Risk Management

Chertoff Group Arm to Buy Trustwave From Singtel for $205M

Michael Novinson • October 2, 2023

The private equity arm of former Secretary of Homeland Security Michael Chertoff's advisory firm agreed to purchase MDR vendor Trustwave for $205 million. The deal will allow Singtel to refocus its business in APAC and boost shareholder value by optimizing resource allocation.

Fraud Management & Cybercrime

Some Prospect Medical Hospitals in Dire State, Post-Attack

Marianne Kolbasuk McGee • October 2, 2023

An August cyberattack on a national hospital chain may make medical care in underserved areas of Connecticut even harder to obtain now that a would-be buyer said it's having second thoughts about going through with the deal. The Rhysida group claimed responsibility for an attack on Prospect Medical.

Cyberwarfare / Nation-State Attacks

Hackers Impersonate Meta Recruiter to Target Aerospace Firm

Prajeet Nair • October 1, 2023

Researchers discovered an undocumented backdoor being used by the North Korean Lazarus Group to target a Spanish aerospace company. The attacker masqueraded as a Meta recruiter and tricked the victim into downloading and executing malicious files on a company device.

Next-Generation Technologies & Secure Development

CrowdStrike Boosts Israeli Startup Ties With AWS Partnership

Michael Novinson • September 29, 2023

CrowdStrike has joined forces with Amazon Web Services to familiarize itself with more Israeli cyber startups earlier in their development life cycle. The Cybersecurity Startup Accelerator will provide EMEA-based companies with mentorship, technical expertise and partnership opportunities.

Artificial Intelligence & Machine Learning

NSA Stands Up New Organization to Harness AI

Rashmi Ramesh • September 29, 2023

The NSA has set up a new organization to oversee artificial intelligence in national security systems. Dubbed the AI Security Center, the unit will consolidate the agency's AI activities and support the government's effort to "maintain its competitive edge in AI," said Army Gen. Paul Nakasone.

Governance & Risk Management

ISMG Editors: Industry Impact of Cisco's Splunk Acquisition

Anna Delaney • September 29, 2023

In our latest weekly update, ISMG editors discuss key takeaways from a forum on developing a strategy for OT security, guidance issued by the U.S. Food and Drug Administration on cybersecurity in medical devices, and how the acquisition of Splunk by Cisco might affect the cybersecurity industry.

Network Detection & Response

IronNet Ceases Operations, Terminates All Remaining Staffers

Michael Novinson • September 29, 2023

The firm founded by retired four-star Army Gen. Keith Alexander and once valued at $1.2 billion has officially turned off the lights. IronNet on Friday ceased business operations and terminated remaining employees after probing alternatives and finding additional sources of cash unavailable.