👉 What’s going on in the cyber world today?
🚨 Cyber Alerts
Researchers have uncovered a surge in phishing campaigns leveraging spoofed email addresses to bypass security measures. These attacks often exploit old, neglected domains, which lack DNS records like Sender Policy Framework (SPF), making the spoofed messages appear more credible. One campaign involves QR code attachments luring victims to phishing sites disguised as tax-related services, while others impersonate major brands like Amazon and Mastercard to steal credentials. Additional schemes include extortion emails demanding Bitcoin payments and phishing campaigns targeting industries like government and construction, using trusted platforms to redirect victims to malicious pages.
A security researcher discovered that Motorola’s automated license plate reader (ALPR) cameras are mistakenly streaming live data, including license plates and video footage, to the unsecured internet. This misconfiguration, which affects many cameras deployed across the U.S., enables anyone with the IP address to view the streams without authentication. Researchers also created tools to automatically scan and collect sensitive information such as vehicle details, creating a significant privacy risk as it allows individuals to track movements in real time.
Cybersecurity researchers have uncovered a sophisticated scam in the Middle East, where cybercriminals pose as government officials to trick individuals into granting remote access to their devices. Using legitimate software like AnyDesk and TeamViewer, scammers gain access to sensitive personal and financial information, including credit card details and one-time passwords. The scam preys on individuals who have previously filed complaints with government services, enhancing the attackers’ credibility and making victims more likely to comply.
Ivanti has issued a warning about hackers exploiting a newly discovered vulnerability in its products, including Connect Secure, Policy Secure, and ZTA Gateways. One of the identified vulnerabilities, CVE-2025-0282, has already been exploited against affected customers, though Ivanti has not seen attacks on its Policy Secure or ZTA Gateway products. The company has released a patch for Connect Secure and is planning updates for the other products in January.
The Fancy Product Designer plugin for WordPress, developed by Radykal, is vulnerable to two critical security flaws, as discovered by Patchstack’s Rafie Muhammad. The plugin, which allows users to customize product designs on WooCommerce sites, is susceptible to a remote code execution flaw and a SQL injection flaw, both of which have high severity ratings. Despite being notified by Patchstack in March 2024, Radykal has not addressed the issues, leaving over 20,000 users at risk.
💥 Cyber Incidents
Medusind, a Miami-based healthcare billing provider, has revealed a data breach affecting over 360,000 individuals. The breach, which occurred in December 2023, exposed sensitive personal and health information, including insurance details, medical records, and government IDs. Despite discovering suspicious activity over a year ago, the company only recently notified the affected individuals. Medusind is offering two years of free identity monitoring services to those impacted by the breach.
Ukrainian hacktivists from the Ukrainian Cyber Alliance claimed responsibility for a cyberattack on Russian internet provider Nodex, breaching its network and stealing sensitive documents. They wiped systems, leaving them without backups, and shared screenshots of the infrastructure they compromised. Nodex confirmed the attack and began working on restoring services, but could not offer a timeline for full recovery. This attack adds to the list of breaches claimed by the Ukrainian Cyber Alliance, which has been active since 2016 in defending Ukraine from Russian cyber aggression.
Pediatric Home Respiratory Services, LLC recently reported a data breach after an unauthorized party gained access to sensitive consumer information. The breach, which may involve a cyberattack or a third-party vendor compromise, exposed personal details including names, Social Security numbers, addresses, and medical and health insurance information. In response, the company sent out notifications to affected individuals and filed a report with the Texas Attorney General on January 8, 2024. The company continues to investigate the breach, with more details expected in the future.
Eastern Idaho Public Health recently uncovered an insider data breach involving a former employee. The breach, which involved unauthorized access to patient records, specifically clinic notes, was detected through a review of access logs. The affected information included health screenings, patient histories, and test results, but no copies were made or used maliciously. After confirming the breach, the employee was terminated, and staff were retrained on HIPAA compliance to prevent future incidents.
Dignity Health, a nonprofit healthcare organization based in California, recently confirmed a data breach affecting sensitive personally identifiable information and protected health information. The breach was identified on September 20, 2024, when an active cyber event was detected on its IT network, which was temporarily disabled until it was restored the following day. Following the discovery, Dignity Health launched an investigation to determine the full scope of the incident.
📢 Cyber News
The U.S. Department of Health and Human Services (HHS) proposed updates to the HIPAA Security Rule, aiming to bolster healthcare cybersecurity. The new requirements, which would mandate multi-factor authentication, encryption, and network segmentation, address the growing threat of cyberattacks on healthcare organizations. These changes, which are now open for public comment, are seen as essential for improving patient safety and protecting sensitive data from breaches and ransomware.
The European General Court fined the European Commission for violating data privacy regulations. The case involved the unauthorized transfer of a German citizen’s personal data to Meta’s servers in the U.S. when they used the Commission’s login service on a website. The court ruled that the transfer occurred without adequate safeguards and ordered the Commission to pay compensation to the individual affected.
The UK government has unveiled a £1.9 million initiative aimed at boosting the nation’s cybersecurity resilience. With funding from both the government and private sectors, the project will support 30 “Cyber Local” schemes across England and Northern Ireland, focusing on strengthening local business resilience and increasing the cybersecurity workforce. These initiatives aim to address the growing skills gap in cybersecurity, which has reached 93,000 unfilled positions as of 2024, while also fostering a safer digital environment.
Pinpoint Search Group’s 2024 report shows a 16% drop in cybersecurity funding rounds, with 304 tracked, but the total funding raised increased by 9% to $9.5 billion. Early-stage rounds dominated by volume, accounting for 59%, though late-stage rounds raised more than half of the funds. The first half of the year saw major funding rounds, including $1 billion from Wiz and $300 million from Cyera, while the last quarter showed a decline in total funding to $1.7 billion. Despite fewer funding rounds, mergers and acquisitions continued to thrive, with 79 deals tracked in the same period.
A Massachusetts-based firm and a Virginia data hosting company have agreed to settle with federal regulators after ransomware breaches compromised sensitive patient data. Elgon Inc. was fined $80,000 after a March 2023 ransomware attack exposed the personal information of over 31,000 patients. Meanwhile, Virtual Private Network Solutions, which was fined $90,000, had a breach in October 2021 affecting the data of 6,400 individuals.
Copyright © 2025 CyberMaterial. All Rights Reserved.