Full Name
Rob
Location
Austin, TX
Rob's Work
151 Posts
The Halcyon RISE Team has discovered a sophisticated ransomware campaign by a threat actor known as "Codefinger." This new attack targets Amazon S3 buckets, utilizing AWS’s Server-Side Encryption with Customer-Provided Keys (SSE-C) to lock data and demand ransom for the decryption keys. Attack Mechanism: The campaign leverages
A newly discovered zero-day vulnerability in FortiOS and FortiProxy systems is being actively exploited by cybercriminals to compromise Fortinet firewalls, posing a severe risk to enterprise network security. Vulnerability Details and Exploitation: Type of Vulnerability: Authentication Bypass; Affected Products: FortiOS and FortiProxy; Impact: Unauthorized access and potential control hijacking of
In a significant cyber espionage campaign attributed to Russian entities, hackers have been actively targeting Kazakhstan to harvest economic and political intelligence. This operation is believed to be orchestrated by the cyber group UAC-0063, considered to overlap with the notorious APT28, linked to Russia's military intelligence, the GRU.
Medusind, a prominent provider of revenue cycle management and practice management software based in Florida, has disclosed a significant data breach impacting 360,934 individuals. Detected and halted on December 23, 2023, during an unauthorized intrusion, this breach has only recently been communicated to affected parties. A comprehensive investigation by
In a detailed report, cybersecurity firm Infoblox has unveiled the sophisticated use of domain spoofing in worldwide spam operations. This discovery emerged from a collaborative cybersecurity study focused on the Chinese Great Firewall, specifically addressing activities by a threat actor dubbed "Muddling Meerkat." Initially, the research aimed to
A new remote code execution (RCE) vulnerability, tracked as CVE-2024-50603, has been discovered in Aviatrix Controller, posing significant risks to cloud environments. This severe vulnerability allows unauthenticated attackers to execute arbitrary commands through improperly sanitized user inputs, earning it a maximum CVSS score of 10.0. Patches have been released
Recent cybersecurity incidents have emerged in various healthcare institutions, unveiling insider threats and unauthorized access. Eastern Idaho Public Health, Pacific Pulmonary Medical Group, and Ingham County Medical Care Facility have reported breaches, raising concerns about data security and privacy. Eastern Idaho Public Health Breach: Eastern Idaho Public Health has notified
Teton Orthopaedics has recently informed over 13,000 individuals of a ransomware attack that was detected nine months ago. The disclosure highlights potential lapses in timely notification and public reporting following a cyber incident involving significant personal and medical data exfiltration. **Initial Discovery:** The breach was first identified on March
A Chinese cyber adversary known as UNC5337 has resumed its focus on uncovering vulnerabilities within Ivanti remote access devices, marking another chapter in a series of security challenges faced by the IT vendor. This latest threat leverages a critical remote code execution (RCE) vulnerability discovered in Ivanti’s products, reigniting