"Nova Scotia Power confirms it was hit by ransomware attack, but has not paid the ransom."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 27 May 2025, 1410 UTC.

Content and Source:  Email subscription via https://feedly.com.

https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Ffeed

Please check email link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security Affairs

73K followers27 articles per week

#security#tech

10

Most popular

Nova Scotia Power confirms it was hit by ransomware attack but hasn’t paid the ransom

4 TTPs

•

by Pierluigi Paganini / 6h

•

Nova Scotia Power data breach confirmed

Nova Scotia Power confirms it was hit by a ransomware attack but hasn’t paid the ransom, nearly a month after first disclosing the cyberattack. Nova Scotia Power confirmed it was hit by a ransomware attack nearly a month after disclosing a cyber incident. The company revealed it hasn’t paid the ransom. Nova Scotia Power Inc. is a vertically integrated electric utility serving the province of Nova

Operation ENDGAME disrupted global ransomware infrastructure

Initial Access (Enterprise TA0001)

•

by Pierluigi Paganini / 2d

•

Operation Endgame disrupts ransomware

Operation ENDGAME dismantled key ransomware infrastructure, taking down 300 servers, 650 domains, and seizing €21.2M in crypto. From May 19 to 22, 2025, Operation ENDGAME, coordinated by Europol and Eurojust, disrupted global ransomware infrastructure. Law enforcement took down down 300 servers and 650 domains, and issuing 20 international arrest warrants. “A Command Post was set up at Europol he

China-linked APT UNC5221 started exploiting Ivanti EPMM flaws shortly after their disclosure

17 TTPs

•

by Pierluigi Paganini / 1d

China-linked APT exploit Ivanti EPMM flaws to target critical sectors across Europe, North America, and Asia-Pacific, according to EclecticIQ. Researchers from EclecticIQ observed a China-linked APT group that chained two Ivanti EPMM flaws, tracked as CVE-2025-4427 and CVE-2025-4428 , in attacks against organizations in Europe, North America, and Asia-Pacific. Below is the description of the flaw

Yesterday

Crooks stole over $200 million from crypto exchange Cetus Protocol

2 TTPs

•

by Pierluigi Paganini / 7h

Cetus Protocol reported a $223 million crypto theft and is offering to drop legal action if the stolen funds are returned. Last week, threat actors stole about $223 million from decentralized crypto exchange Cetus. The platform was paused during the investigation and later confirmed the cyber heist. Alert Announcement There was an incident detected on our protocol and our smart contract has been

Marlboro-Chesterfield Pathology data breach impacted 235,911 individuals

3 TTPs

•

by Pierluigi Paganini / 19h

•

Marlboro-Chesterfield Pathology data breach

SafePay ransomware hit Marlboro-Chesterfield Pathology, stealing personal data of 235,000 people in a major breach. SafePay ransomware hit Marlboro-Chesterfield Pathology, stealing personal data of 235,000 people in a major breach at the North Carolina-based lab. Marlboro-Chesterfield Pathology (MCP), founded in 1990 in Pinehurst, NC, is a full-service lab offering molecular, cytology, and pathol

May 25, 2025

Fake software activation videos on TikTok spread Vidar, StealC

15 TTPs

•

by Pierluigi Paganini / 1d

•

AI TikTok videos install malware

Crooks use TikTok videos with fake tips to trick users into running commands that install Vidar and StealC malware in ClickFix attacks. Cybercriminals leverage AI-generated TikTok videos in ClickFix attacks to spread Vidar and StealC malware, reports Trend Micro. These videos trick users into running PowerShell commands disguised as software activation steps for tools like Windows, Office, CapCut

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 46

by Pierluigi Paganini / 2d

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Sarcoma Ransomware Unveiled: Anatomy of a Double Extortion Gang RVTools Bumblebee Malware Attack – How a Trusted IT Tool Became a Malware Delivery Vector Malicious ‘Checker’ Packages on PyPI Probe TikTok and Instagram for Valid Accounts RedisRaider: Weaponizing mis

Security Affairs newsletter Round 525 by Pierluigi Paganini – INTERNATIONAL EDITION

by Pierluigi Paganini / 2d

A new round of the weekly Securitythe weekly Security Affairs newsletterAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Silent Ransom Group targeting law firms, the FBI warns Leader of Qakbot cybercrime network indicted in U.S. crackdow

May 24, 2025

Silent Ransom Group targeting law firms, the FBI warns

5 TTPs

•

by Pierluigi Paganini / 2d

•

FBI warns law firms of cyberattacks

FBI warns Silent Ransom Group has targeted U.S. law firms for 2 years using callback phishing and social engineering extortion tactics. The FBI warns that the Silent Ransom Group, active since 2022 and also known as Luna Moth, has targeted U.S. law firms using phishing and social engineering. Linked to BazarCall campaigns, the group previously enabled Ryuk and Conti ransomware attacks. “The cyber

Leader of Qakbot cybercrime network indicted in U.S. crackdown

3 TTPs

•

by Pierluigi Paganini / 3d

•

US indicts Qakbot botnet leader

The U.S. indicted Russian Rustam Gallyamov for leading the Qakbot botnet, which infected 700K+ devices and was used in ransomware attacks. The U.S. authorities have indicted Russian national Rustam Gallyamov, the leader of the Qakbot operation, which infected over 700,000 computers and facilitated ransomware attacks. Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malwa

End of feed