/ en Sun, 15 Jun 2025 02:39:22 -0500 Tue, 10 Jun 25 08:32:02 -0500 <div class="container row"><div class="row"><div class="col-md-8"><p><strong>Today’s Headlines:   </strong></p><p><strong>Leading Story</strong></p><ul><li>Critical Salesforce Vulnerability Exposes Global Users to SOQL Injection Attacks</li></ul><p><strong>Data Breaches & Data Leaks </strong></p><ul><li>Drivers’ Data Compromised in TxDOT Data Breach of Nearly 300,000 Crash Reports</li><li>Arkana Ransomware Group Allegedly Claims Breach of Ticketmaster Databases</li></ul><p><strong>Cyber Crimes & Incidents</strong></p><ul><li>Grocery Wholesale Giant United Natural Foods Hit by Cyberattack</li><li>Malicious Browser Extensions Infect Over 700 Users Across Latin America Since Early 2025</li></ul><p><strong>Vulnerabilities & Exploits</strong>  </p><ul><li>Multiple QNAP Flaws Allow Remote Attackers to Hijack User Accounts</li></ul><p><strong>Trends & Reports</strong></p><ul><li>Global Cyberattacks Rise Sharply, Supply Chains Most Vulnerable</li><li>Second Quarter Phishing Report: The Latest Scams Exploiting Human Trust</li></ul><p><strong>Privacy, Legal & Regulatory</strong></p><ul><li>Australian Threat Actor Sentenced In May, Arrested by HSI Denver Faces Deportation</li></ul><p><strong>Upcoming Health-ISAC Events</strong></p><ul><li>Global Monthly Threat Brief<ul><li>Americas - June 24, 2025, 12:00-01:00 PM ET</li><li>European – June 25, 2025, 03:00-04:00 PM CET</li></ul></li></ul><p>View the detailed report below. </p></div><div class="col-md-4"><div><p><strong>For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact:</strong></p><h3><a href="/system/files/media/file/2020/11/AHA-Riggi-Senior-Advisor-for-Cyber-and-Risk-Bio-08102020.pdf">John Riggi</a></h3><h4>National Advisor for Cybersecurity and Risk, AHA</h4><h4><a href="mailto:jriggi@aha.org?subject=Cybersecurity and Risk Advisory Services Query">jriggi@aha.org</a></h4><h4>(O) <a href="tel:1-202-626-2272">+1 202 626 2272</a></h4><div class="external-link spacer"><a class="btn btn-wide btn-primary" href="/system/files/media/file/2020/11/AHA-Riggi-Senior-Advisor-for-Cyber-and-Risk-Bio-08102020.pdf" target="_blank">More on John Riggi</a></div><div class="external-link spacer"><a class="btn btn-wide btn-primary" href="/guidesreports/2018-06-15-cybersecurity-and-risk-advisory-services" target="_blank">Learn more about AHA's Cybersecurity and Risk Advisory Services</a></div></div></div></div></div> Tue, 10 Jun 2025 08:32:02 -0500 H-ISAC: Green Reports <div class="container row"><div class="row"><div class="col-md-8"><p>The information provided in the report is pulled from threat actor data leak sites ‘as is,’ meaning, it is shared as it has been posted by the threat group. They have been known to make mistakes, have typos, mis-name victims, or use other language aside from the victim name. The report shares the information ‘as is’ and neither the source of the report, nor our team, goes to the individual sites to verify the information, though it can be (and we sometimes do) cross-referenced with other reporting sources. Neither the originator of the report, nor our team, is in direct discussion w/ the threat actors. There are cyber threat intelligence firms that do engage in cybercrime forums and can provide additional perspectives of victims and ongoing discussions occurring in those forums.</p><p>View the detailed report below.</p></div><div class="col-md-4"><div><p><strong>For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact:</strong></p><h3><a href="/system/files/media/file/2020/11/AHA-Riggi-Senior-Advisor-for-Cyber-and-Risk-Bio-08102020.pdf">John Riggi</a></h3><h4>National Advisor for Cybersecurity and Risk, AHA</h4><h4><a href="mailto:jriggi@aha.org?subject=Cybersecurity and Risk Advisory Services Query">jriggi@aha.org</a></h4><h4>(O) <a href="tel:1-202-626-2272">+1 202 626 2272</a></h4><div class="external-link spacer"><a class="btn btn-wide btn-primary" href="/system/files/media/file/2020/11/AHA-Riggi-Senior-Advisor-for-Cyber-and-Risk-Bio-08102020.pdf" target="_blank">More on John Riggi</a></div><div class="external-link spacer"><a class="btn btn-wide btn-primary" href="/guidesreports/2018-06-15-cybersecurity-and-risk-advisory-services" target="_blank">Learn more about AHA's Cybersecurity and Risk Advisory Services</a></div></div></div></div></div> Tue, 10 Jun 2025 08:24:28 -0500 H-ISAC: Green Reports <div class="container row"><div class="row"><div class="col-md-8"><p>The information provided in the report is pulled from threat actor data leak sites ‘as is,’ meaning, it is shared as it has been posted by the threat group. They have been known to make mistakes, have typos, mis-name victims, or use other language aside from the victim name. The report shares the information ‘as is’ and neither the source of the report, nor our team, goes to the individual sites to verify the information, though it can be (and we sometimes do) cross-referenced with other reporting sources. Neither the originator of the report, nor our team, is in direct discussion w/ the threat actors. There are cyber threat intelligence firms that do engage in cybercrime forums and can provide additional perspectives of victims and ongoing discussions occurring in those forums.</p></div><div class="col-md-4"><div><p><strong>For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact:</strong></p><h3><a href="/system/files/media/file/2020/11/AHA-Riggi-Senior-Advisor-for-Cyber-and-Risk-Bio-08102020.pdf">John Riggi</a></h3><h4>National Advisor for Cybersecurity and Risk, AHA</h4><h4><a href="mailto:jriggi@aha.org?subject=Cybersecurity and Risk Advisory Services Query">jriggi@aha.org</a></h4><h4>(O) <a href="tel:1-202-626-2272">+1 202 626 2272</a></h4><div class="external-link spacer"><a class="btn btn-wide btn-primary" href="/system/files/media/file/2020/11/AHA-Riggi-Senior-Advisor-for-Cyber-and-Risk-Bio-08102020.pdf" target="_blank">More on John Riggi</a></div><div class="external-link spacer"><a class="btn btn-wide btn-primary" href="/guidesreports/2018-06-15-cybersecurity-and-risk-advisory-services" target="_blank">Learn more about AHA's Cybersecurity and Risk Advisory Services</a></div></div></div></div></div><p> </p> Mon, 09 Jun 2025 11:53:00 -0500 H-ISAC: Green Reports <div class="container row"><div class="row"><div class="col-md-8"><p><strong>Today’s Headlines: </strong></p><p><strong>Leading Story</strong></p><ul><li>Honeywell Community Intelligence Reveals Ransomware Surge in Manufacturing, Healthcare; Rising Attacks in Agriculture and Food Sectors</li></ul><p><strong>Data Breaches & Data Leaks  </strong></p><ul><li>Largest Data Leak Ever Exposes Over 4 Billion User Records</li><li>Lee Enterprises Says 40,000 Hit by Ransomware-Caused Data Breach </li></ul><p><strong>Cyber Crimes & Incidents</strong></p><ul><li>Paste.ee Turned Cyber Weapon: XWorm and AsyncRAT Delivered by Malicious Actors </li></ul><p><strong>Vulnerabilities & Exploits  </strong></p><ul><li>Critical RCE Flaw Found in HPE Insight Remote Support Tool</li><li>CISA Warns of Chrome 0-Day Vulnerability Exploited in the Wild to Execute Arbitrary Code </li></ul><p><strong>Trends & Reports</strong></p><ul><li>830 Organizations Breached via Glitch-Hosted Phishing Attack Using Telegram & Fake CAPTCHAs</li><li>Honeywell Community Intelligence Reveals Ransomware Surge in Manufacturing, Healthcare; Rising Attacks in Agriculture and Food Sectors </li></ul><p><strong>Privacy, Legal & Regulatory</strong></p><ul><li>US Offering $10 Million Reward for RedLine Malware Developer</li><li>Oklahoma Expands its Security Breach Notification Law </li></ul><p><strong>Upcoming Health-ISAC Events</strong></p><ul><li>Global Monthly Threat Brief<ul><li>Americas - June 24, 2025, 12:00-01:00 PM ET</li><li>European – June 25, 2025, 03:00-04:00 PM CET</li></ul></li></ul></div><div class="col-md-4"><div><p><strong>For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact:</strong></p><h3><a href="/system/files/media/file/2020/11/AHA-Riggi-Senior-Advisor-for-Cyber-and-Risk-Bio-08102020.pdf">John Riggi</a></h3><h4>National Advisor for Cybersecurity and Risk, AHA</h4><h4><a href="mailto:jriggi@aha.org?subject=Cybersecurity and Risk Advisory Services Query">jriggi@aha.org</a></h4><h4>(O) <a href="tel:1-202-626-2272">+1 202 626 2272</a></h4><div class="external-link spacer"><a class="btn btn-wide btn-primary" href="/system/files/media/file/2020/11/AHA-Riggi-Senior-Advisor-for-Cyber-and-Risk-Bio-08102020.pdf" target="_blank">More on John Riggi</a></div><div class="external-link spacer"><a class="btn btn-wide btn-primary" href="/guidesreports/2018-06-15-cybersecurity-and-risk-advisory-services" target="_blank">Learn more about AHA's Cybersecurity and Risk Advisory Services</a></div></div></div></div></div> Mon, 09 Jun 2025 11:33:28 -0500 H-ISAC: Green Reports <div class="container row"><div class="row"><div class="col-md-8"><p><strong>Leading Story</strong></p><ul><li>Threat Actors Leak 86 Million AT&T Records with Decrypted SSNs </li></ul><p><strong>Data Breaches & Data Leaks  </strong></p><ul><li>Odoo Employee Database Allegedly Exposed and Put Up For Sale on Dark Web </li></ul><p><strong>Cyber Crimes & Incidents</strong></p><ul><li>Google Exposes Vishing Group UNC6040 Targeting Salesforce with Fake Data Loader App</li><li>TA397 Threat Actors Exploit Scheduled Tasks to Deploy Malware on Targeted Systems </li></ul><p><strong>Vulnerabilities & Exploits  </strong></p><ul><li>Critical Cisco ISE Auth Bypass Flaw Impacts Cloud Deployments on AWS, Azure, and OCI</li><li>Critical Dell PowerScale Vulnerability Allows Attackers Unauthorized Access to Filesystem </li></ul><p><strong>Trends & Reports</strong></p><ul><li>Exploitation Trends Underscore the Need for Layered Cybersecurity</li><li>FBI Aware of 900 Organizations Hit by Play Ransomware </li></ul><p><strong>Privacy, Legal & Regulatory</strong></p><ul><li>California Man Pleads Guilty to Accessing Disney Employee’s Computer</li><li>Men Who Breached Law Enforcement Database for Doxing Sentenced to Prison (TD)</li></ul><p>Upcoming Health-ISAC Events</p><ul><li>Global Monthly Threat Brief<ul><li>Americas - June 24, 2025, 12:00-01:00 PM ET</li><li>European – June 25, 2025, 03:00-04:00 PM CET</li></ul></li></ul></div><div class="col-md-4"><div><p><strong>For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact:</strong></p><h3><a href="/system/files/media/file/2020/11/AHA-Riggi-Senior-Advisor-for-Cyber-and-Risk-Bio-08102020.pdf">John Riggi</a></h3><h4>National Advisor for Cybersecurity and Risk, AHA</h4><h4><a href="mailto:jriggi@aha.org?subject=Cybersecurity and Risk Advisory Services Query">jriggi@aha.org</a></h4><h4>(O) <a href="tel:1-202-626-2272">+1 202 626 2272</a></h4><div class="external-link spacer"><a class="btn btn-wide btn-primary" href="/system/files/media/file/2020/11/AHA-Riggi-Senior-Advisor-for-Cyber-and-Risk-Bio-08102020.pdf" target="_blank">More on John Riggi</a></div><div class="external-link spacer"><a class="btn btn-wide btn-primary" href="/guidesreports/2018-06-15-cybersecurity-and-risk-advisory-services" target="_blank">Learn more about AHA's Cybersecurity and Risk Advisory Services</a></div></div></div></div></div> Fri, 06 Jun 2025 08:05:32 -0500 H-ISAC: Green Reports <div class="container row"><div class="row"><div class="col-md-8"><p><strong>Developments</strong></p><ul><li>Operation Spider Web</li><li>UK and Norway Subsea Cable Agreement</li><li>Black Owl Hacktivist Group Directly Assisting in Ukrainian Nation-State Cyber Attacks</li><li>EU-Philippines Affirm Defense Cooperation</li><li>AI Systems Adopted in BioManufacturing</li></ul><p>View the detailed report below.</p></div><div class="col-md-4"><div><p><strong>For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact:</strong></p><h3><a href="/system/files/media/file/2020/11/AHA-Riggi-Senior-Advisor-for-Cyber-and-Risk-Bio-08102020.pdf">John Riggi</a></h3><h4>National Advisor for Cybersecurity and Risk, AHA</h4><h4><a href="mailto:jriggi@aha.org?subject=Cybersecurity and Risk Advisory Services Query">jriggi@aha.org</a></h4><h4>(O) <a href="tel:1-202-626-2272">+1 202 626 2272</a></h4><div class="external-link spacer"><a class="btn btn-wide btn-primary" href="/system/files/media/file/2020/11/AHA-Riggi-Senior-Advisor-for-Cyber-and-Risk-Bio-08102020.pdf" target="_blank">More on John Riggi</a></div><div class="external-link spacer"><a class="btn btn-wide btn-primary" href="/guidesreports/2018-06-15-cybersecurity-and-risk-advisory-services" target="_blank">Learn more about AHA's Cybersecurity and Risk Advisory Services</a></div></div></div></div></div> Thu, 05 Jun 2025 08:59:16 -0500 H-ISAC: Green Reports <div class="container row"><div class="row"><div class="col-md-8"><p><strong>Today’s Headlines:   </strong></p><p><strong>Leading Story</strong></p><ul><li>Critical Cisco ISE Auth Bypass Flaw Impacts Cloud Deployments on AWS, Azure, and OCI</li></ul><p><strong>Data Breaches & Data Leaks  </strong></p><ul><li>Spain’s Telefonica Probes Suspected Data Breach</li><li>Thousands Hit by The North Face Credential Stuffing Attack</li></ul><p><strong>Cyber Crimes & Incidents</strong></p><ul><li>Ransomware Attack Exposes Private Data of Over 280,000 Nova Scotia Power Customers</li><li>New Malware Attack Uses Malicious Chrome & Edge Extensions to Steal Sensitive Data</li></ul><p><strong>Vulnerabilities & Exploits  </strong></p><ul><li>Threat Actors Exploit Ruby Gems to Steal Telegram Tokens and Messages</li><li>CISA Adds Three Known Exploited Vulnerabilities to Catalog</li></ul><p><strong>Trends & Reports</strong></p><ul><li>Cyber Attacks Surge 47% in Q1 2025, Report Warns</li><li>Health Sector Organizations Face Rising Risk of Cyberattacks</li></ul><p><strong>Privacy, Legal & Regulatory</strong></p><ul><li>Texas Governor Signs Cyber Command Into Law</li></ul><p><strong>Upcoming Health-ISAC Events</strong></p><ul><li>Global Monthly Threat Brief   <ul><li>Americas - June 24, 2025, 12:00-01:00 PM ET</li><li>European – June 25, 2025, 03:00-04:00 PM CET</li></ul></li></ul></div><div class="col-md-4"><div><p><strong>For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact:</strong></p><h3><a href="/system/files/media/file/2020/11/AHA-Riggi-Senior-Advisor-for-Cyber-and-Risk-Bio-08102020.pdf">John Riggi</a></h3><h4>National Advisor for Cybersecurity and Risk, AHA</h4><h4><a href="mailto:jriggi@aha.org?subject=Cybersecurity and Risk Advisory Services Query">jriggi@aha.org</a></h4><h4>(O) <a href="tel:1-202-626-2272">+1 202 626 2272</a></h4><div class="external-link spacer"><a class="btn btn-wide btn-primary" href="/system/files/media/file/2020/11/AHA-Riggi-Senior-Advisor-for-Cyber-and-Risk-Bio-08102020.pdf" target="_blank">More on John Riggi</a></div><div class="external-link spacer"><a class="btn btn-wide btn-primary" href="/guidesreports/2018-06-15-cybersecurity-and-risk-advisory-services" target="_blank">Learn more about AHA's Cybersecurity and Risk Advisory Services</a></div></div></div></div></div> Thu, 05 Jun 2025 08:34:59 -0500 H-ISAC: Green Reports <div class="container row"><div class="row"><div class="col-md-8"><p>The information provided in the report is pulled from threat actor data leak sites ‘as is,’ meaning, it is shared as it has been posted by the threat group. They have been known to make mistakes, have typos, mis-name victims, or use other language aside from the victim name. The report shares the information ‘as is’ and neither the source of the report, nor our team, goes to the individual sites to verify the information, though it can be (and we sometimes do) cross-referenced with other reporting sources. Neither the originator of the report, nor our team, is in direct discussion w/ the threat actors. There are cyber threat intelligence firms that do engage in cybercrime forums and can provide additional perspectives of victims and ongoing discussions occurring in those forums.</p></div><div class="col-md-4"><div><p><strong>For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact:</strong></p><h3><a href="/system/files/media/file/2020/11/AHA-Riggi-Senior-Advisor-for-Cyber-and-Risk-Bio-08102020.pdf">John Riggi</a></h3><h4>National Advisor for Cybersecurity and Risk, AHA</h4><h4><a href="mailto:jriggi@aha.org?subject=Cybersecurity and Risk Advisory Services Query">jriggi@aha.org</a></h4><h4>(O) <a href="tel:1-202-626-2272">+1 202 626 2272</a></h4><div class="external-link spacer"><a class="btn btn-wide btn-primary" href="/system/files/media/file/2020/11/AHA-Riggi-Senior-Advisor-for-Cyber-and-Risk-Bio-08102020.pdf" target="_blank">More on John Riggi</a></div><div class="external-link spacer"><a class="btn btn-wide btn-primary" href="/guidesreports/2018-06-15-cybersecurity-and-risk-advisory-services" target="_blank">Learn more about AHA's Cybersecurity and Risk Advisory Services</a></div></div></div></div></div> Thu, 05 Jun 2025 08:18:52 -0500 H-ISAC: Green Reports <div class="container row"><div class="row"><div class="col-md-8"><p><strong>Developments</strong></p><ul><li>Operation Spider Web</li><li>UK and Norway Subsea Cable Agreement</li><li>Black Owl Hacktivist Group Directly Assisting in Ukrainian Nation-State Cyber Attacks</li><li>EU-Philippines Affirm Defense Cooperation</li><li>AI Systems Adopted in BioManufacturing</li></ul><p>View the detailed report below.</p></div><div class="col-md-4"><div><p><strong>For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact:</strong></p><h3><a href="/system/files/media/file/2020/11/AHA-Riggi-Senior-Advisor-for-Cyber-and-Risk-Bio-08102020.pdf">John Riggi</a></h3><h4>National Advisor for Cybersecurity and Risk, AHA</h4><h4><a href="mailto:jriggi@aha.org?subject=Cybersecurity and Risk Advisory Services Query">jriggi@aha.org</a></h4><h4>(O) <a href="tel:1-202-626-2272">+1 202 626 2272</a></h4><div class="external-link spacer"><a class="btn btn-wide btn-primary" href="/system/files/media/file/2020/11/AHA-Riggi-Senior-Advisor-for-Cyber-and-Risk-Bio-08102020.pdf" target="_blank">More on John Riggi</a></div><div class="external-link spacer"><a class="btn btn-wide btn-primary" href="/guidesreports/2018-06-15-cybersecurity-and-risk-advisory-services" target="_blank">Learn more about AHA's Cybersecurity and Risk Advisory Services</a></div></div></div></div></div> Wed, 04 Jun 2025 08:59:16 -0500 H-ISAC: Green Reports <div class="container row"><div class="row"><div class="col-md-8"><p>The information provided in the report is pulled from threat actor data leak sites ‘as is,’ meaning, it is shared as it has been posted by the threat group. They have been known to make mistakes, have typos, mis-name victims, or use other language aside from the victim name. The report shares the information ‘as is’ and neither the source of the report, nor our team, goes to the individual sites to verify the information, though it can be (and we sometimes do) cross-referenced with other reporting sources. Neither the originator of the report, nor our team, is in direct discussion w/ the threat actors. There are cyber threat intelligence firms that do engage in cybercrime forums and can provide additional perspectives of victims and ongoing discussions occurring in those forums.</p><p>View the detailed report below.</p></div><div class="col-md-4"><div><p><strong>For help with Cybersecurity and Risk Advisory Services exclusively for AHA members, contact:</strong></p><h3><a href="/system/files/media/file/2020/11/AHA-Riggi-Senior-Advisor-for-Cyber-and-Risk-Bio-08102020.pdf">John Riggi</a></h3><h4>National Advisor for Cybersecurity and Risk, AHA</h4><h4><a href="mailto:jriggi@aha.org?subject=Cybersecurity and Risk Advisory Services Query">jriggi@aha.org</a></h4><h4>(O) <a href="tel:1-202-626-2272">+1 202 626 2272</a></h4><div class="external-link spacer"><a class="btn btn-wide btn-primary" href="/system/files/media/file/2020/11/AHA-Riggi-Senior-Advisor-for-Cyber-and-Risk-Bio-08102020.pdf" target="_blank">More on John Riggi</a></div><div class="external-link spacer"><a class="btn btn-wide btn-primary" href="/guidesreports/2018-06-15-cybersecurity-and-risk-advisory-services" target="_blank">Learn more about AHA's Cybersecurity and Risk Advisory Services</a></div></div></div></div></div> Wed, 04 Jun 2025 08:43:42 -0500 H-ISAC: Green Reports