"CEO of cybersecurity firm charged with installing malware on hospital systems."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 27 April 2025, 1459 UTC.

Content and Source provided by "Security Affairs", 27 April 2025.

 https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Ffeed

Please check email link above or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security Affairs

72K followers24 articles per week

#security#tech

14

Most popular

CEO of cybersecurity firm charged with installing malware on hospital systems

Cybersecurity CEO arrested for malware

•

100+by Pierluigi Paganini / 1d

Veritaco CEO Jeffrey Bowie faces charges for allegedly installing malware on hospital computers, violating Oklahoma’s Computer Crimes Act. Jeffrey Bowie, CEO of the cybersecurity firm Veritaco, is facing two counts of violating Oklahoma’s Computer Crimes Act for allegedly infecting employee computers at the Oklahoma City St. Anthony Hospital . The man is accused of having installed the malware on

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 43

by Pierluigi Paganini / 5h

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Inside Gamaredon’s PteroLNK: Dead Drop Resolvers and evasive Infrastructure XRP supply chain attack: Official NPM package infected with crypto stealing backdoor SuperCard X: exposing a Chinese-speaker MaaS for NFC Relay fraud operation New Rust Botnet “RustoBot” is

Storm-1977 targets education sector with password spraying, Microsoft warns

IoC > 1 domain

•

by Pierluigi Paganini / 1h

•

7 TTPs

•

Storm-1977 targets education cloud security

Microsoft warns that threat actor Storm-1977 is behind password spraying attacks against cloud tenants in the education sector. Over the past year, Microsoft Threat Intelligence researchers observed a threat actor, tracked as Storm-1977, using AzureChecker.exe to launch password spray attacks against cloud tenants in the education sector. AzureChecker.exe connected to sac-auth[.]nodefunction[.]vi

Yesterday

Security Affairs newsletter Round 521 by Pierluigi Paganini – INTERNATIONAL EDITION

by Pierluigi Paganini / 5h

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. African multinational telco giant MTN Group disclosed a data breach CEO of cybersecurity firm charged with installing malware on hospital systems JPCERT w

African multinational telco giant MTN Group disclosed a data breach

by Pierluigi Paganini / 19h

African multinational telecommunications company MTN Group disclosed a data breach that exposed subscribers’ personal information. MTN Group Limited is a South African multinational telecommunications company headquartered in Johannesburg. Founded in 1994, it has grown to become Africa’s largest mobile network operator, serving over 290 million subscribers across 18 countries in Africa and the Mi

Apr 25, 2025

JPCERT warns of DslogdRAT malware deployed in Ivanti Connect Secure

13 TTPs

•

by Pierluigi Paganini / 1d

Researchers identified a new malware, named DslogdRAT, deployed after exploiting a now-patched flaw in Ivanti Connect Secure (ICS). JPCERT/CC researchers reported that a new malware, dubbed DslogdRAT, and a web shell were deployed by exploiting a zero-day vulnerability during attacks on Japanese organizations in December 2024. The vulnerability, tracked as CVE-2025-0282 (CVSS score: 9.0), is a st

SAP NetWeaver zero-day allegedly exploited by an initial access broker

13 TTPs

•

by Pierluigi Paganini / 1d

•

CVE-2025-31324

A zero-day in SAP NetWeaver is potentially being exploited, putting thousands of internet-facing applications at risk. Researchers warn that a zero-day vulnerability, tracked as CVE-2025-31324 (CVSS score of 10/10), in SAP NetWeaver is potentially being exploited. Thousands of internet-facing applications are potentially at risk. The flaw in SAP NetWeaver Visual Composer Metadata Uploader stems f

Operation SyncHole: Lazarus APT targets supply chains in South Korea

12 TTPs

•

by Pierluigi Paganini / 2d

•

Lazarus targets South Korean supply chains

The North Korea-linked Lazarus Group targeted at least six firms in South Korea in a cyber espionage campaign called Operation SyncHole. Kaspersky researchers reported that the North Korea-linked APT group Lazarus targeted at least six firms in South Korea in a cyber espionage campaign tracked as Operation SyncHole. The campaign has been active since at least November 2024, Lazarus Group is targe

Apr 24, 2025

Interlock ransomware gang started leaking data allegedly stolen from leading kidney dialysis firm DaVita

2 TTPs

•

by Pierluigi Paganini / 2d

•

Interlock ransomware attacks DaVita Kidney Care

The Interlock ransomware gang claimed responsibility for the attack on the leading kidney dialysis company DaVita and leaked alleged stolen data. DaVita Inc . provides kidney dialysis services through a network of 2,675 outpatient centers in the United States, serving 200,800 patients, and 367 outpatient centers in 11 other countries, serving 49,400 patients. DaVita specializes in treating end-st

Yale New Haven Health (YNHHS) data breach impacted 5.5 million patients

Impact (Enterprise TA0040)

•

by Pierluigi Paganini / 2d

•

Yale New Haven Health data breach

Yale New Haven Health (YNHHS) announced that threat actors stole the personal data of 5.5 million patients in a cyberattack. Yale New Haven Health (YNHHS) disclosed a data breach that exposed personal information of 5.5 million patients following a cyberattack that occurred earlier this month. Yale New Haven Health System (YNHHS) is a nonprofit healthcare network headquartered in New Haven, Conne

Crooks exploit the death of Pope Francis

8 TTPs

•

by Pierluigi Paganini / 3d

, using public curiosity and emotion to launch scams and spread malware, an old tactic during global events. After Pope Francis’ death, cybercriminals launched scams and malware attacks, exploiting public curiosity, grief, and confusion. Cybercriminals are ready to exploit any event of global interest, it has already happened in the past during events like Queen Elizabeth II’s death or the COVID-

WhatsApp introduces Advanced Chat Privacy to protect sensitive communications

WhatsApp enhances privacy features

•

by Pierluigi Paganini / 3d

WhatsApp adds Advanced Chat Privacy feature that allows users to block others from sharing chat content outside the app. WhatsApp announced the availability of a new feature called “Advanced Chat Privacy” for both individual and group chats that enhances content protection. The feature blocks chat exports, auto-media downloads, and the use of messages in AI features, ensuring conversations stay p

Apr 23, 2025

Android spyware hidden in mapping software targets Russian soldiers

Spyware targets Russian military app

•

by Pierluigi Paganini / 3d

A new Android spyware was discovered in a fake Alpine Quest app, reportedly used by Russian soldiers for war zone planning. Doctor Web researchers uncovered a new spyware, tracked as Android.Spy.1292.origin, targeting Russian military personnel. The malicious code was hidden in a trojanized Alpine Quest app and spread via Russian Android catalogs. The malware steals contacts, geolocation, and fil

Crypto mining campaign targets Docker environments with new evasion technique

IoC > 1 domain

•

by Pierluigi Paganini / 3d

•

6 TTPs

•

Docker malware exploits crypto mining

New malware campaign targets Docker environments using unknown methods to secretly mine cryptocurrency, researchers warn. Researchers from Darktrace and Cado Security have spotted a malware campaign that targets Docker environments with a novel technique to mine cryptocurrency. The malware campaign targets Docker environments to deploy a malicious node connected to Teneo, a decentralized infrastr

End of feed