Vault 33: Cyber News - Intel - Research

Vault 33 is your ultimate hub for cutting-edge cybersecurity insights, delivering expert analysis, detailed tutorials, research, and the latest updates in threat and vulnerability management.

Intel | Jan 17, 2025 / FBI Informant Communications Compromised: AT&T Breach Reveals Expanded Damage
Intel | Jan 16, 2025 / Scammers Target California Wildfire Victims by Posing as Relief Services
Intel | Jan 16, 2025 / Critical UEFI Secure Boot Flaw Exposes Systems to Malicious Bootkit Attacks
Intel | Jan 16, 2025 / Misconfigured SPF DNS Records Enable MikroTik Botnet to Spread Malware
Intel | Jan 15, 2025 / FBI Employs Malware's 'Self-Delete' Tactic to Remove Chinese PlugX from U.S. Systems
News | Jan 15, 2025 / CISA Releases Guidance on Enhanced Microsoft Logging Features

Latest Posts

158 Posts
Russian-Affiliated Hackers Use HATVIBE Malware in Espionage Efforts Against Kazakhstan

In a significant cyber espionage campaign attributed to Russian entities, hackers have been actively targeting Kazakhstan to harvest economic and political intelligence. This operation is believed to be orchestrated by the cyber group UAC-0063, considered to overlap with the notorious APT28, linked to Russia's military intelligence, the GRU.

Billing Support Vendor Alerts 360K Patients to December 2023 Data Breach

Medusind, a prominent provider of revenue cycle management and practice management software based in Florida, has disclosed a significant data breach impacting 360,934 individuals. Detected and halted on December 23, 2023, during an unauthorized intrusion, this breach has only recently been communicated to affected parties. A comprehensive investigation by

Muddling Meerkat Tied to Domain Spoofing in Widespread Global Spam Scams

In a detailed report, cybersecurity firm Infoblox has unveiled the sophisticated use of domain spoofing in worldwide spam operations. This discovery emerged from a collaborative cybersecurity study focused on the Chinese Great Firewall, specifically addressing activities by a threat actor dubbed "Muddling Meerkat." Initially, the research aimed to

Wiz Research Discovers Active Exploitation of Aviatrix Controller RCE (CVE-2024-50603)

A new remote code execution (RCE) vulnerability, tracked as CVE-2024-50603, has been discovered in Aviatrix Controller, posing significant risks to cloud environments. This severe vulnerability allows unauthenticated attackers to execute arbitrary commands through improperly sanitized user inputs, earning it a maximum CVSS score of 10.0. Patches have been released

Eastern Idaho Public Health Uncovers Insider Data Breach Incident

Recent cybersecurity incidents have emerged in various healthcare institutions, unveiling insider threats and unauthorized access. Eastern Idaho Public Health, Pacific Pulmonary Medical Group, and Ingham County Medical Care Facility have reported breaches, raising concerns about data security and privacy. Eastern Idaho Public Health Breach: Eastern Idaho Public Health has notified

Teton Orthopaedics Alerts Patients Nine Months After Discovering Ransomware Attack

Teton Orthopaedics has recently informed over 13,000 individuals of a ransomware attack that was detected nine months ago. The disclosure highlights potential lapses in timely notification and public reporting following a cyber incident involving significant personal and medical data exfiltration. Initial Discovery: The breach was first identified on March

China's UNC5337 Exploits Critical Ivanti RCE Vulnerability in Repeated Attacks

A Chinese cyber adversary known as UNC5337 has resumed its focus on uncovering vulnerabilities within Ivanti remote access devices, marking another chapter in a series of security challenges faced by the IT vendor. This latest threat leverages a critical remote code execution (RCE) vulnerability discovered in Ivanti’s products, reigniting

DoJ Indicts Three Russians for Running Crypto Mixers in Cybercrime Money Laundering Scheme

On January 11, 2025, the United States Department of Justice (DoJ) charged three Russian citizens, Roman Vitalyevich Ostapenko, Alexander Evgenievich Oleynik, and Anton Vyachlavovich Tarasov, with running illicit cryptocurrency mixing services, specifically Blender.io and Sinbad.io. Arrest and Charges: Ostapenko and Oleynik were apprehended on December 1, 2024, through

Microsoft Files Lawsuit Against Hacking Group Abusing Azure AI for Malicious Content Creation

Unmasking the Threat: Microsoft has taken a significant step in its cybersecurity efforts by initiating legal proceedings against a "foreign-based threat actor group" involved in bypassing safeguards of its AI services to create harmful content. The company’s Digital Crimes Unit (DCU) reports that these adversaries have developed

Browse by Tags

3 Tags