28 November 2023
Ukraine Alleges Hacking of Russian Aviation Agency
- Ukraine's Defense Ministry claims to have hacked Russia's Federal Air Transport Agency ('Rosaviatsia'), exposing alleged vulnerabilities in Russia's aviation sector.
North Korean Hackers' macOS Tactics Evolution
- North Korean threat actors modify tactics, employing RustBucket droppers to deploy KANDYKORN malware, identified by SentinelOne.
- Observations show tactics blending from different macOS malware strains.
Microsoft Deprecates Defender Application Guard for Office
- Microsoft is discontinuing Defender Application Guard for Office and the Windows Security Isolation APIs, recommending alternatives.
- Suggests utilizing Defender for Endpoint attack surface reduction rules, Protected View, and Windows Defender Application Control.
Police Dismantle Global Ransomware Group
- Law enforcement, in collaboration with Europol and Eurojust, arrests core members of a ransomware group in Ukraine.
- The group is linked to attacks on organizations across 71 countries.
Ransomware Strikes Indie Game Maker
- "Ethyrial: Echoes of Yore" MMORPG hit by a ransomware attack, leading to the deletion of 17,000 player accounts and their in-game progress.
Healthcare Giant Henry Schein Hit by BlackCat Ransomware Again
- Henry Schein faces a second cyberattack by the BlackCat/ALPHV ransomware gang, compromising their network for the second time in a month.
Ardent Hospital ERs Disrupted After Ransomware Attack
- Ardent Health Services, operating hospitals across six states, faces system disruption following a ransomware attack.
Slovenian Power Provider HSE Hit by Ransomware
- Slovenian power company HSE encounters a ransomware attack affecting its systems but doesn't disrupt electric power production.