Dell Confirms Database Hack, 49 Million Customers Affected

Dell has confirmed a security breach involving a database containing customer information related to purchases. The company has sent out notification emails to affected customers, warning of a hack that is believed to have impacted 49 million customers. The email, titled "An important message about your Dell information," states that the database contains limited types of customer information and that Dell is currently investigating the incident. The breach is thought to have occurred on a Dell portal, and the company has not yet disclosed what specific information was accessed or stolen. Customers are advised to be vigilant and monitor their accounts for any suspicious activity.

Cyberattack Forces Major US Healthcare Network to Divert Ambulances from Hospitals

A cyberattack on Ascension, a large US healthcare network with 140 hospitals in 19 states, has forced the diversion of ambulances from several hospitals and disrupted access to electronic health records, phone systems, and other critical systems. The attack, believed to be a ransomware attack using the Black Basta malware, has prompted Ascension to revert to backup processes, including paper records, to continue caring for patients. The incident has drawn attention from senior US officials, who are working to understand the impact on patient care. This is the latest in a series of high-profile cyberattacks on healthcare organizations, highlighting the vulnerability of the healthcare system to disruptive cyberattacks.

Russian APT28 Threat Group Exploits Windows Print Spooler Vulnerability

Microsoft has warned users of its systems that the Russian APT28 threat group, also known as Fancy Bear, is exploiting a critical vulnerability in the Windows Print Spooler (CVE-2022-38028) to escalate privileges and steal credentials and data. The attackers use a previously unknown hacking tool called GooseEgg to drop malicious code and gain persistence on compromised systems. This warning highlights the ongoing risk posed by cyber adversaries who exploit common software vulnerabilities to conduct espionage and data theft, and serves as a crucial reminder for organizations to proactively strengthen their cyber defenses.

FBI Warns US Retailers of Cybercriminals Targeting Gift Card Systems

The FBI has issued a warning to US retailers about a financially-motivated hacking ring, known as STORM-0539 (also as Atlas Lion), that has been targeting employees with phishing attacks to create fraudulent gift cards. The group, active since 2021, uses sophisticated phishing kits to defeat multi-factor authentication defenses and is known for its persistence, using various techniques to continue attacks even after defenses have been implemented. The FBI's warning follows a similar alert from Microsoft in December regarding increased STORM-0539 activity during the holiday season. Gift card scams have resulted in significant consumer losses, with $217 million lost in 2023 alone. Retailers are advised to be vigilant and take measures to protect their gift card systems and employee data.