From Europol: Following the massive botnet takedown codenamed Operation Endgame in May 2024, which shut down the biggest malware droppers, including IcedID, SystemBC, Pikabot, Smokeloader and Bumblebee, law enforcement agencies across North America and Europe dealt another blow to the malware ecosystem in early 2025. In a coordinated series of actions, customers of the Smokeloader pay-per-install botnet,…
Pulse Urgent Care Center appears to be the victim of a ransomware attack
Medusa has struck another medical entity. This time, it is Pulse Urgent Care Center. According to its website, Pulse Urgent Care Center offers a range of services that includes urgent care, clinical medicine, women’s health, workers’ compensation, and employer services. Its headquarters is in Redding, California. It also has a location in Red Buff, California….
Oracle’s statement to customers is still raising questions about its disclosure and transparency
Today’s reminder to “Tell the truth, or someone will tell it for you,” courtesy of Kevin Beaumont: Oracle have finally issued to a written notification to customers about their cybersecurity incident. They are again wordsmithing. OCI is a different org unit in Oracle to Oracle Classic – they’re denying a different scope. Kevin also commented:…
CISA, experts warn of Crush file transfer attacks after a controversial disclosure
Jonathan Greig reports on another vulnerability affecting file transfer software that has been exploited soon after disclosure. In this case, though, there’s some contentious statements about responsible disclosure or lack thereof. Federal cybersecurity officials as well as incident responders at cyber companies say hackers are exploiting a vulnerability within the popular file transfer tool Crush….
MrBeast sues former employee for stealing confidential files and installing hidden cameras in company offices
Yet another reminder of the insider threat. As seen in The Express Tribune: YouTube superstar Jimmy “MrBeast” Donaldson has filed a lawsuit against former employee Leroy Nabors, alleging theft of confidential company data and unauthorized surveillance. As reported by Dexerto, the legal complaint accuses Nabors of misappropriating trade secrets, breaching his employment contract, and secretly recording…
Fall River schools chief: No insurance for cyberattack; says computer system remains down
Dan Medeiros and Emily Scherny report: The city’s public school computers will be down for the rest of the week after a cybersecurity attack infiltrated the district’s internal system — and a solution may cost the School Department out of pocket. At a joint meeting of the School Committee and City Council on Tuesday afternoon, Superintendent Tracy…