In a significant development within the cybersecurity landscape, researchers have identified a critical zero-day vulnerability affecting Windows systems. This discovery comes at a time when the digital realm is increasingly under threat, as evidenced by an alleged cyberattack attributed to Ukrainian actors targeting Gazprombank, one of Russia’s largest financial institutions. The situation is compounded by the activities of the Russian hacking group BlueAlpha, which has been reported to exploit Cloudflare services for its operations.
Meanwhile, Microsoft has raised alarms regarding the Chinese hacking group Storm-0227, which has been actively targeting critical infrastructure and U.S. government agencies. In response to the evolving threat landscape, SonicWall has released patches addressing several high-severity vulnerabilities found in its secure access gateway, underscoring the urgency for organizations to bolster their cybersecurity defenses.
In a related incident, Atrium Health has disclosed a data breach that has impacted over half a million individuals, highlighting the ongoing risks associated with data security. Additionally, Rockwell Automation has revealed four critical vulnerabilities in its Arena software, which could potentially allow attackers to execute remote code.
On the enforcement front, U.S. authorities have made strides by arresting an alleged member of the Scattered Spider gang, known for its telecom hacks. This action reflects a broader commitment to combating cybercrime, as evidenced by the recent guilty plea from a Nebraska man involved in a .5 million cryptojacking scheme.
CyberWire Guest
In today’s episode, host Dave is joined by Hugh Thompson, the chair of the RSAC program committee. They delve into the details of the 2025 Innovation Sandbox Contest, which now includes an investment component designed to foster innovation in the cybersecurity space. Listeners can find more information in the accompanying press release.
Selected Reading
- New Windows 7 To 11 Warning As Zero-Day With No Official Fix Confirmed (Forbes)
- Russian users report Gazprombank outages amid alleged Ukrainian cyberattack (The Record)
- BlueAlpha Russian hackers caught abusing CloudFlare services (SC Media)
- U.S. org suffered four month intrusion by Chinese hackers (Bleeping Computer)
- Microsoft: Another Chinese cyberspy crew targeting US critical orgs ‘as of yesterday’ (The Register)
- SonicWall Patches 6 Vulnerabilities in Secure Access Gateway (SecurityWeek)
- Mitel MiCollab zero-day and PoC exploit unveiled (Help Net Security)
- Atrium Health Data Breach Impacts 585,000 People (SecurityWeek)
- Rockwell Automation Vulnerabilities Let Attackers Execute Remote Code (Cyber Security News)
- US arrests Scattered Spider suspect linked to telecom hacks (Bleeping Computer)
- Nebraska Man pleads guilty to .5 million cryptojacking scheme (Bleeping Computer)
The CyberWire is a proud production of N2K Networks, your trusted source for strategic workforce intelligence. © N2K Networks, Inc.