Ongoing Clop ransomware attacks leveraging a zero-day security vulnerability in the Fortra GoAnywhere Managed File Transfer system, tracked as CVE-2023-0669, have impacted the City of Toronto, as well as the U.K.'s Virgin Red and Pension Protection Fund, reports BleepingComputer.
Officials at the City of Oak Ridge, Tennessee noted that the city had its technology systems impacted by a ransomware attack, resulting in network issues, according to The Record, a news site by cybersecurity firm Recorded Future.
Kroger's mail-order pharmacy Postal Prescription Services, video software firm SundaySky, Blue Cross Blue Shield of Arizona, and Illinois-based Top of the World Ranch Treatment Center have been impacted by separate health data breaches, HealthITSecurity reports.
TechCrunch reports that iD Tech, a tech coding camp providing online and on-campus tech courses for children, has yet to confirm a data breach that resulted in the theft of thousands of users' personal information.
Middle Eastern telecommunications providers have been targeted in a new cyberespionage campaign associated with Operation Soft Cell, which has been led by Chinese state-sponsored threat operation Gallium, reports The Hacker News.
Ars Technica reports that TikTok CEO Shou Zi Chew has failed to assuage privacy and security concerns surrounding the video sharing platform in a testimony before the House Committee on Energy and Commerce.
Numerous threat actors have already been leveraging the new Nexus Android banking trojan, which enables the targeting of 450 financial apps with account takeover attacks, according to The Hacker News.
BleepingComputer reports that the BlackGuard information-stealing malware has been updated to target 57 cryptocurrency wallets and browser extensions, up from the 45 crypto-related wallets and extensions aimed by the malware in August.
Numerous file formats are being leveraged by North Korean advanced persistent threat group APT37, also known as Reaper, RedEyes, Scarcruft, and Ricochet Chollima, to facilitate malware distribution efforts, reports The Hacker News.
More than 12 new members from the private and government sectors have been welcomed to the Cybersecurity and Infrastructure Security Agency's Cybersecurity Advisory Committee, while updates have also been introduced for the agency's cross-sector cybersecurity performance goals, according to SecurityWeek.