Tag: group
-
Stryker Targeted by Large-Scale Wiper Attack, Tens of Thousands of Devices Lost
Global medical technology giant Stryker suffered a massive cybersecurity incident on March 11, 2026, resulting in the remote wiping of thousands of corporate devices. A pro-Iranian hacktivist group known as Handala has claimed responsibility for the attack, which severely disrupted Stryker’s internal Microsoft environment, manufacturing, and shipping operations. Technical Execution Vector Unlike traditional destructive cyberattacks,…
-
Russia-linked APT uses DRILLAPP backdoor to spy on Ukrainian targets
Russia-linked threat actors target Ukrainian entities with DRILLAPP backdoor and use Edge debugging for stealth. A new DRILLAPP backdoor campaign targets Ukrainian organizations, abusing Microsoft Edge debugging to evade detection. Observed in February 2026, it shows links to previous Russian-aligned operations by Laundry Bear APT group (aka UAC-0190, Void Blizzard) using the PLUGGYAPE malware family…
-
Poland Suspects Iranian Actors are Behind Attack on Its Nuclear Power Center
Poland officials say the cyberattack late last week appears to have been launched by an Iranian threat group, though they noted that bad actors not associated with any country in the war could have been behind it and used tactics associated with Iranian threat groups to cover their own tracks. First seen on securityboulevard.com Jump…
-
SAP zeichnet All for One Group in der Kategorie SAP Business Suite Success aus
Der Award unterstreicht insbesondere die Stärke der All for One Group bei der Implementierung durchgängiger End-to-End-Prozesse auf Basis der SAP Business Suite. Die SAP Partner Awards werden jährlich vergeben. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/all-for-one-group-erhaelt-globalen-sap-partner-award-2026/a44136/
-
Russia-linked espionage campaign targeting Ukraine using Starlink and charity lures
A Russia-linked hacker group launched a cyber-espionage campaign targeting Ukrainian organizations using fake documents about Starlink satellite internet terminals and a well-known Ukrainian charity, to infect devices with spyware. First seen on therecord.media Jump to article: therecord.media/russia-ukraine-cyber-espionage-group
-
IBM Discovers ‘Slopoly’ AI-Generated Malware Linked to Hive0163 Ransomware
Ransomware group Hive0163 is experimenting with a likely AI-generated malware framework, dubbed “Slopoly,” marking a visible shift toward AI-assisted tooling in attacks. While the malware itself is simple, its use shows how quickly threat actors can now generate and iterate on custom command-and-control clients using large language models (LLMs). Hive0163 is a financially motivated cluster…
-
All for One Group erhält globalen SAP Partner Award 2026
Der Award unterstreicht insbesondere die Stärke der All for One Group bei der Implementierung durchgängiger End-to-End-Prozesse auf Basis der SAP Business Suite. Die SAP Partner Awards werden jährlich vergeben. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/all-for-one-group-erhaelt-globalen-sap-partner-award-2026/a44136/
-
When insider risk is a wellbeing issue, not just a disciplinary one
Tags: access, breach, compliance, control, cyber, data, exploit, finance, group, malicious, monitoring, resilience, risk, risk-management, security-incident, threat, training, vulnerabilityWritten by Katie Barnett, Director of Cyber Security at Toro Solutions Insider risk is still often framed around intent, with the focus placed on malicious employees, disgruntled contractors, or deliberate misuse of access for personal gain.Those cases exist and they matter, but they are rarely where risk first begins, and they do not reflect how…
-
When insider risk is a wellbeing issue, not just a disciplinary one
Tags: access, breach, compliance, control, cyber, data, exploit, finance, group, malicious, monitoring, resilience, risk, risk-management, security-incident, threat, training, vulnerabilityWritten by Katie Barnett, Director of Cyber Security at Toro Solutions Insider risk is still often framed around intent, with the focus placed on malicious employees, disgruntled contractors, or deliberate misuse of access for personal gain.Those cases exist and they matter, but they are rarely where risk first begins, and they do not reflect how…
-
Lloyds Banking Group Investigates Mobile App Data Exposure Affecting Multiple UK Banks
Lloyds Banking Group has launched an internal investigation after a technical error in its mobile banking applications allowed some customers to briefly see other users’ transaction details. The incident affected the mobile apps of several brands operated by the group, including Lloyds Bank, Halifax, and Bank of Scotland. According to the bank, the issue arose……
-
Payload Ransomware claims the hack of Royal Bahrain Hospital
The Payload Ransomware group claims to have breached the Royal Bahrain Hospital (RBH), a leading healthcare facility in Bahrain. The Payload Ransomware group claims to have hacked the Royal Bahrain Hospital (RBH) and stolen 110 GB of data. The ransomware gang added the healthcare facility to its Tor data leak site and published the images…
-
Fake rooms, props and a script to lure victims: inside an abandoned Cambodia scam centre
Sprawling compound, including mock-up banks and police offices, uncovered by Thai military during border clashesIt is as if you have walked into a branch of one of Vietnam’s banks. A row of customer service desks, divided by plastic screens, with landline phones, promotional leaflets and staff business cards. A seated waiting area and a private…
-
Iran Claims Massive Cyber-Attack on MedTech Firm Stryker
The pro-Iran Handala group claims to have wiped 200,000 systems in destructive wiper malware attack on US firm Stryker First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/iran-massive-wiper-attack-medtech/
-
Iran-Linked Hacktivists Claim Destructive Cyberattack on Medtech Firm Stryker
A hacktivist group with alleged links to Iran’s intelligence agencies has claimed responsibility for a destructive cyberattack against Stryker, the Michigan-based global medical technology company, in an incident that reportedly disrupted operations across the company’s international network. News reports from Ireland, Stryker’s largest hub outside the United States, said the company sent more than 5,000…
-
Veeam warns admins to patch now as critical RCE flaws hit Backup & Replication
Tags: access, backup, control, cve, data, exploit, flaw, group, infrastructure, ransomware, rce, remote-code-execution, update, veeam, vulnerabilityPatches are available: Veeam warned that organizations should apply the patched build promptly, noting that vulnerability disclosures frequently trigger attempts by attackers to reverse-engineer patches and develop exploits for unpatched systems.The issues were fixed in Veeam Backup & Replication 12.3.2.4465, and organizations running unsupported or older builds should assume they are vulnerable and upgrade immediately.…
-
Veeam warns admins to patch now as critical RCE flaws hit Backup & Replication
Tags: access, backup, control, cve, data, exploit, flaw, group, infrastructure, ransomware, rce, remote-code-execution, update, veeam, vulnerabilityPatches are available: Veeam warned that organizations should apply the patched build promptly, noting that vulnerability disclosures frequently trigger attempts by attackers to reverse-engineer patches and develop exploits for unpatched systems.The issues were fixed in Veeam Backup & Replication 12.3.2.4465, and organizations running unsupported or older builds should assume they are vulnerable and upgrade immediately.…
-
Veeam warns admins to patch now as critical RCE flaws hit Backup & Replication
Tags: access, backup, control, cve, data, exploit, flaw, group, infrastructure, ransomware, rce, remote-code-execution, update, veeam, vulnerabilityPatches are available: Veeam warned that organizations should apply the patched build promptly, noting that vulnerability disclosures frequently trigger attempts by attackers to reverse-engineer patches and develop exploits for unpatched systems.The issues were fixed in Veeam Backup & Replication 12.3.2.4465, and organizations running unsupported or older builds should assume they are vulnerable and upgrade immediately.…
-
AI-assisted Slopoly malware powers Hive0163’s ransomware campaigns
The Hive0163 group used AI-assisted malware called Slopoly to maintain persistent access in ransomware attacks. IBM X-Force researchers report that the financially motivated group Hive0163 is using AI-assisted malware named Slopoly to maintain persistent access during ransomware attacks, showing how threat actors can quickly build new malware frameworks using AI. Hive0163 is a threat actor…
-
Storm-2561 targets enterprise VPN users with SEO poisoning, fake clients
vpn-fortinet[.]com and ivanti-vpn[.]org, hosting malicious ZIP files on GitHub, the advisory said.The malware itself arrives as a ZIP file containing a Windows Installer package. When a user launches the downloaded installer, it drops a fake Pulse Secure application into a directory that closely mimics a legitimate Pulse Secure installation path, Microsoft said.”This installation path blends…
-
Storm-2561 targets enterprise VPN users with SEO poisoning, fake clients
vpn-fortinet[.]com and ivanti-vpn[.]org, hosting malicious ZIP files on GitHub, the advisory said.The malware itself arrives as a ZIP file containing a Windows Installer package. When a user launches the downloaded installer, it drops a fake Pulse Secure application into a directory that closely mimics a legitimate Pulse Secure installation path, Microsoft said.”This installation path blends…
-
Hybrid resilience: Designing incident response across on-prem, cloud and SaaS without losing your mind
Tags: access, authentication, business, cloud, communications, data, data-breach, group, identity, incident response, metric, mitigation, network, radius, resilience, saas, service, strategy, technology, updateSeverity is driven by customer impact, not by who is pagedWe maintain one current hypothesis, even if it is wrongWe keep one shared timeline that captures decisions, not just symptomsWe communicate on a predictable cadence, even when answers are incompleteEvery action has a named owner and an explicit “time we expect to learn”The biggest behavior…
-
Hybrid resilience: Designing incident response across on-prem, cloud and SaaS without losing your mind
Tags: access, authentication, business, cloud, communications, data, data-breach, group, identity, incident response, metric, mitigation, network, radius, resilience, saas, service, strategy, technology, updateSeverity is driven by customer impact, not by who is pagedWe maintain one current hypothesis, even if it is wrongWe keep one shared timeline that captures decisions, not just symptomsWe communicate on a predictable cadence, even when answers are incompleteEvery action has a named owner and an explicit “time we expect to learn”The biggest behavior…
-
Medical giant Stryker crippled after Iranian hackers remotely wipe computers
Tags: access, attack, authentication, best-practice, ceo, computer, credentials, cyber, cyberattack, data, flaw, group, hacker, identity, infrastructure, intelligence, iran, jobs, mobile, phone, service, software, supply-chain, theft, threat, updateHandala claims credit: The Handala threat group quickly claimed responsibility for the attack. While the group’s involvement is just a claim for now, Stryker employees reportedly saw a version of the Handala logo a cartoon of a Palestinian boy with his back turned and hands crossed behind him on affected devices.Handala’s identity is hard to…
-
Inside the Tehran-Linked ‘Faketivist’ Hacking Group Handala
Healthcare Hit Shows Symbols Matter as Iran Shifts Focus to Economic Damage. Cybersecurity experts say that the Handala hacktivist group that claimed credit for attacks against two American firms on Wednesday is run by the Iranian government. The shift to destructive cyberattacks parallels Iran’s attempt to inflict greater economic damage on the United States and…
-
Inside the Tehran-Linked ‘Faketivist’ Hacking Group Handala
Healthcare Hit Shows Symbols Matter as Iran Shifts Focus to Economic Damage. Cybersecurity experts say that the Handala hacktivist group that claimed credit for attacks against two American firms on Wednesday is run by the Iranian government. The shift to destructive cyberattacks parallels Iran’s attempt to inflict greater economic damage on the United States and…