Introducing Episode 16 of our expertly crafted series on data breaches, cyber-attacks, and more. Breach Breakdown is your go-to source for recapping incidents and staying up-to-date on the latest solutions. February/March saw its fair share of reported cases, with breaches affecting:

Brute-Force Attack On Over 4,000 ISP IPs

The recent brute-force attack on over 4,000 ISP IPs across China and the U.S. West Coast demonstrates how cyber criminals are evolving their tactics to exploit weak credentials and deploy information stealers and cryptocurrency miners. Attackers used PowerShell scripts to disable security measures, exfiltrating sensitive data—including cryptocurrency wallet addresses—via Telegram bots, making detection and response more challenging.

We’ve seen a rise in credential-based attacks that bypass traditional security defences, and we always emphasise the importance of real-time threat intelligence and advanced access controls.


Bybit Hack: $1.4 Billion Crypto Heist Highlights Growing Laundering Tactics

The recent Bybit cryptocurrency heist, which saw hackers steal approximately $1.4 billion in Ethereum, highlights the evolving tactics of cyber criminals and the growing challenge of tracking stolen digital assets. The attackers, allegedly linked to North Korea, have already laundered a significant portion of the stolen funds by converting them into Bitcoin and utilising crypto mixers to obscure transaction trails. At CYFOR Secure, we recognise how cyber criminals are leveraging decentralized finance (DeFi) tools to evade detection, leaving traditional anti-money laundering (AML) mechanisms struggling to keep pace. As crypto-related cyber threats escalate, businesses must adopt advanced blockchain monitoring, real-time threat intelligence, and proactive security measures to mitigate risks.


Deepfake Phishing Scam Targets YouTube Creators

Cyber criminals are increasingly using AI-generated deepfake videos to carry out sophisticated phishing attacks, with the latest campaign targeting YouTube creators. Fraudsters have created fake videos of YouTube CEO Neal Mohan, tricking users into clicking malicious links disguised as monetisation updates. Once a victim enters their credentials, attackers gain access to their account, potentially leading to channel takeovers and financial losses.

Our team have seen a surge in AI-driven phishing tactics that make scams harder to detect. As deepfake technology improves, traditional security measures need to be updated. To stay secure, always enable multi-factor authentication (MFA), carefully scrutinise unexpected messages, and use AI-powered threat detection to stay ahead of evolving cyber threats.


Silk Typhoon Shifts to IT Supply Chain Attacks

The recent shift in tactics by Silk Typhoon, a Chinese state-sponsored cyber-espionage group, highlights the growing risk to IT supply chains and cloud environments. Microsoft has confirmed that Silk Typhoon is now targeting remote management tools and cloud services to infiltrate downstream customer networks, expanding their espionage reach beyond individual organisations. Instead of relying on malware and web shells, the group now exploits stolen API keys, compromised credentials, and unpatched vulnerabilities to maintain stealthy access while clearing logs to evade detection.

As attackers increasingly exploit cloud environments and privileged access management systems, businesses must strengthen their identity security, implement real-time threat monitoring, and conduct continuous vulnerability assessments. Cyber threats are evolving rapidly, and a proactive security approach is crucial to mitigating risks posed by state-backed actors like Silk Typhoon.


Healthcare Data Breaches Now More Profitable for Hackers Than Credit Card Theft

The latest Kroll Cyber Risk report reveals that healthcare has overtaken finance as the most targeted industry for cyber attacks, accounting for 23% of all breaches in 2024. While stolen credit card data sells for as little as $5 on the dark web, cyber criminals can earn up to $1,000 per healthcare data breach, making medical records a far more lucrative target.

With healthcare data now a prime commodity for cyber criminals, organisations must act decisively to protect their systems from increasingly sophisticated breaches.
