Vice Society Pivots to Inc Ransomware in Healthcare Attack

Inc ransomware — one of the most popular among cybercriminals today — meets healthcare, the industry sector most targeted by RaaS. [TechWeb]( Follow Dark Reading: [RSS]( September 20, 2024 LATEST SECURITY NEWS & COMMENTARY [Vice Society Pivots to Inc Ransomware in Healthcare Attack]( Inc ransomware — one of the most popular among cybercriminals today — meets healthcare, the industry sector most targeted by RaaS. [GitLab Warns of Max Severity Authentication Bypass Bug]( Company urges organizations using self-hosting GitLab instances to apply updates for CVE-2024-45409 as soon as possible. [Concerns Over Supply Chain Attacks on US Seaports Grow]( US ports rely on cranes manufactured by a Chinese state-owned company, many with unmonitored cellular connections, causing cybersecurity concerns. [1 PoC Exploit for Critical RCE Flaw, but 2 Patches From Veeam]( The first patch lets threat actors with low-level credentials still exploit the vulnerability, while the second fully resolves the flaw. [Security Firm's North Korean Hacker Hire Not an Isolated Incident]( What happened to KnowBe4 also has happened to many other organizations, and it's still a risk for companies of all sizes due to a sophisticated network of government-sponsored fake employees. [FBI Leads Takedown of Chinese Botnet Impacting 200K Devices]( Once a user's device is infected as part of an ongoing Flax Typhoon APT campaign, the malware connects it to a botnet called Raptor Train, initiating malicious activity. [An AI-Driven Approach to Risk-Scoring Systems in Cybersecurity]( By enhancing threat detection, enabling real-time risk assessment, and providing predictive insights, AI is empowering organizations to build more robust defenses against cyber threats. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [How Shifts in Cyber Insurance Are Affecting the Security Landscape]( Ultimately, the goal of businesses and cyber insurers alike is to build more resilient IT environments to avoid cyberattacks and the ransom, downtime, and reputation hit that come along with them. [FCC: AT&T Didn't Adequately Protect Customers' Cloud Data]( Regulators fine AT&T $13 million for failing to protect customer information held by a third-party vendor, and extend consumer data protections to the cloud. [Security Firm's North Korean Hacker Hire Not an Isolated Incident]( What happened to KnowBe4 also has happened to many other organizations, and it's still a risk for companies of all sizes due to a sophisticated network of government-sponsored fake employees. [Name That Toon: Tug of War]( Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. [MORE]( PRODUCTS & RELEASES [CrowdStrike Expands Cybersecurity Startup Accelerator With AWS and NVIDIA]( [Abstract Security Expands Multi-Cloud Security Operations]( [c/side Lands $6M to Combat Rising Browser Supply Chain Attacks]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Thousands of ServiceNow KB Instances Expose Sensitive Corporate Data]( Despite security updates to protect data, 45% of total enterprise instances of the cloud-based IT management platform leaked PII, internal system details, and active credentials over the past year. LATEST FROM THE EDGE [Coalition for Secure AI Promotes Safe, Ethical AI Development]( The Coalition for Secure AI (CoSAI) has expanded its roster of members with the addition of threat intelligence management, collaboration, and response orchestration vendor Cyware. LATEST FROM DR GLOBAL [Mastercard's Recorded Future Deal Furthers its AI Security Goals]( Mastercard's $2.65 billion deal to acquire the threat intelligence provider will boost the credit card company's AI-based cybersecurity protection capabilities. LATEST FROM DR TECHNOLOGY [North Korean APT Bypasses DMARC Email Policies in Cyber-Espionage Attacks]( How the Kimsuky nation-state group and other threat actors are exploiting poor email security — and what organizations can do to defend themselves. WEBINARS - [Get In Tune with Your Cloud Cyber Resilience Strategy]( - [Building Blocks for Next-Generation Security Operations]( [View More Dark Reading Webinars >>]( WHITE PAPERS - [Gartner Magic Quadrant for Application Security Testing]( - [Solution Brief: Introducing the runZero Platform]( - [Gartner Report: Cyber Asset Attack Surface Management]( - [Purple AI Datasheet]( - [Generative AI Gifts]( - [SecOps Checklist]( - [Tracking the Untrackable: Taking a Proactive Approach to Emerging Risks]( [View More White Papers >>]( FEATURED REPORTS - [Managing Third-Party Risk Through Situational Awareness]( - [2024 InformationWeek US IT Salary Report]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=125824&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_09.20.24&sp_cid=55133&utm_content=DR_NL_Dark%20Reading%20Daily_09.20.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#63 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)