Encryption
Kidney dialysis firm DaVita hit by weekend ransomware attack
Kidney dialysis firm DaVita disclosed Monday it suffered a weekend ransomware attack that encrypted parts of its network and impacted some of its operations. DaVita is a major provider of kidney care services in the United States, operating over 2,600 outpatient treatment centers that provide dialysis to those suffering from kidney disease. It is a […]
Sensata Technologies hit by ransomware attack impacting operations
Sensata Technologies (known as Sensata) has suffered a ransomware attack last weekend that encrypted parts of the company network and disrupted operations. In an 8-K filing to the U.S. Securities and Exchange Commission (SEC), Sensata says that the attack occurred on Sunday, April 6, and involved data theft, too. “The incident has temporarily impacted Sensata’s operations, […]
Cloudflare now blocks all unencrypted traffic to its API endpoints
Cloudflare announced that it closed all HTTP connections and it is now accepting only secure, HTTPS connections for api.cloudflare.com. The move prevents unencrypted API requests from being sent, even accidentally, to eliminate the risk of sensitive information being exposed in cleartext traffic before the server closes the HTTP conection and redirects to a secure communication channel. […]
New SuperBlack ransomware exploits Fortinet auth bypass flaws
A new ransomware operator named ‘Mora_001’ is exploiting two Fortinet vulnerabilities to gain unauthorized access to firewall appliances and deploy a custom ransomware strain dubbed SuperBlack. The two vulnerabilities, both authentication bypasses, are CVE-2024-55591 and CVE-2025-24472, which Fortinet disclosed in January and February, respectively. When Fortinet first disclosed CVE-2024-55591 on January 14, they confirmed it had […]
Amazon Redshift gets new default settings to prevent data breaches
Amazon has announced key security enhancements for Redshift, a popular data warehousing solution, to help prevent data exposures due to misconfigurations and insecure default settings. Redshift is widely used by enterprises for business intelligence and big data analytics for data warehousing, competing with Google BigQuery, Snowflake, and Azure Synapse Analytics. It’s valued for its petabyte-scale […]
Ransomware abuses Amazon AWS feature to encrypt S3 buckets
A new ransomware campaign encrypts Amazon S3 buckets using AWS’s Server-Side Encryption with Customer Provided Keys (SSE-C) known only to the threat actor, demanding ransoms to receive the decryption key. The campaign was discovered by Halcyon, who reported that a threat actor named “Codefinger” had encrypted at least two victims. However, the operation could escalate or the […]
Banshee stealer evades detection using Apple XProtect encryption algo
A new version of the Banshee info-stealing malware for macOS has been evading detection over the past two months by adopting string encryption from Apple’s XProtect. Banshee is an information stealer focused on macOS systems. It emerged in mid-2024 as a stealer-as-a-service available to cybercriminals for $3,000. Its source code was leaked on the XSS forums […]