Leveraging Knowledge to Manage Your Data Risks
Another recent victim of ShinyHunters is Instructure, the supplier of the Canvas learning management system, which disrupted the login portals of 330 colleges and universities during the critical college exam schedule.
According to Dataminr, ShinyHunters “claimed to have stolen 3.654TB of data affecting about 275 million individuals and 9,000 institutions worldwide.” The stolen data…
Global medical device company Medtronic recently confirmed that it had been attacked by the threat actor group, ShinyHunters. According to Bleeping Computer, Medtronic is “the largest medical device maker in the world by revenue ($33.5 billion) and also develops healthcare technologies and therapies.”
ShinyHunters alleges that it has stolen over nine million Medtronic records…
The Cybersecurity and Infrastructure Security Agency (CISA) and the UK National Cyber Security Centre (NCSC) have confirmed that threat actors are using FIRESTARTER malware to maintain persistence on Cisco network devices, allowing the threat actors to maintain access even after patching and reboots.
FIRESTARTER malware targets Cisco Firepower and Secure Firewall devices running Adaptive Security…
According to Cisco Talus researchers, phishing is the primary method threat actors use to gain unauthorized access to networks, accounting for more than one-third of all incidents in the first quarter of 2026. This increase is attributed to threat actors using legitimate AI tools to enhance phishing campaigns, particularly against health care and government sectors.…
On April 15, 2026, the Department of Justice (DOJ) announced that two U.S. nationals, Kejia Wang and Zhenxing Wang, were sentenced for facilitating a North Korean IT worker scheme that compromised over 80 U.S. identities, with sentences of 108 and 92 months respectively, supervised release, and forfeiture orders.
The scheme involved the defendants operating “laptop…
March was a busy month for former Black Basta affiliates who are using old social engineering techniques to target executives in the manufacturing, professional, scientific, and technical services industries. According to Reliaquest, the activity of the threat actors indicates that these sectors “were likely direct targets.”
According to its report, “Attackers are using automation…
Iran has always been a formidable cyber threat to the United States, but after the war in Iran commenced, the attacks are coming frequently and in full force. According to the Joint Cybersecurity Advisory issued on April 7, 2026, by the FBI, CISA, NSA, EPA, DOE, and Cyber Command, Iranian-based hackers are targeting operational technology…
Critical infrastructure operators at the water treatment plant in Minot, North Dakota, were forced to resort to manual processes when its Supervisory Control and Data Acquisition (SCADA) system became inoperable as a result of a March 14, 2026, ransomware attack. The attackers are unidentified, but it comes in the wake of the war in Iran…
Minnesota Governor Tim Walz issued an emergency executive order on April 7, 2026, dispatching the Minnesota National Guard after Winona County requested assistance following a cyber attack disrupting its “critical systems and digital services.” The attack occurred on April 6, 2026, and is “significantly impairing the county’s ability to deliver vital emergency and municipal services.”…
The Federal Bureau of Investigation (FBI) recently released a FLASH warning highlighting malicious cyber activity conducted by threat actors operating on behalf of Iran’s Ministry of Intelligence and Security. According to the FBI, these threat actors are using Telegram as a command-and-control infrastructure to push malware “targeting Iranian dissidents, journalists opposed to Iran, and other…
