InfoSec Dot - Issue #47. 🚨 Ascension Health Data Leak 🏥 | North Korean Cyberattack 💥 | Clop Ransomware Escalates 💸

In partnership with

Hi there,

Welcome to today’s edition of InfoSec Dot, where we bring you the latest cybersecurity developments. In this issue, we cover the alarming North Korean cyberattack that stole $308 million in Bitcoin from Japanese cryptocurrency firm DMM Bitcoin. We also discuss the recent ransomware attack on healthcare giant Ascension, affecting 5.6 million individuals and compromising sensitive medical data. Additionally, we highlight the Cisco breach, where a hacker leaked 2.9 GB of stolen data, including source code and private credentials, from the company’s DevHub platform.

Stay informed with these crucial updates to better understand and counteract the evolving cybersecurity risks.

Start learning AI in 2025

Everyone talks about AI, but no one has the time to learn it. So, we found the easiest way to learn AI in as little time as possible: The Rundown AI.

It's a free AI newsletter that keeps you up-to-date on the latest AI news, and teaches you how to apply it in just 5 minutes a day.

Plus, complete the quiz after signing up and they’ll recommend the best AI tools, guides, and courses – tailored to your needs.

Sign up to start learning.

🗓️ What’s New

Adobe Patches Critical ColdFusion Vulnerability

Adobe has released a patch for a high-severity vulnerability in ColdFusion, identified as CVE-2024-53961. This path traversal flaw could allow attackers to read arbitrary files on the system, potentially exposing sensitive information. Given the availability of proof-of-concept code and the high risk of exploitation, Adobe urges users to update their installations promptly. Read More (2 Mins)

Clop Ransomware Extorts 66 Cleo Data-Theft Victims

The Clop ransomware gang has launched extortion efforts against 66 companies impacted by their recent Cleo data theft attacks. They have given organizations 48 hours to respond, threatening to reveal identities if negotiations fail. Clop has a history of exploiting zero-day vulnerabilities in file transfer platforms to steal sensitive data. Read More (4 Mins)

North Korean Hackers Steal $308M in Bitcoin from DMM Bitcoin

North Korean cyber actors have been officially linked to the theft of $308 million in Bitcoin from Japanese cryptocurrency firm DMM Bitcoin in May 2024. The attackers used social engineering tactics, posing as recruiters to deliver malicious Python scripts, ultimately compromising employee accounts to execute unauthorized transactions. The stolen funds were laundered through mixing services and bridging platforms. Read More (3 Mins)

Ascension Health Ransomware Attack Affects 5.6 Million Individuals

In May 2024, Ascension Health experienced a ransomware attack compromising the personal, medical, and payment information of approximately 5.6 million people. The breach led to service disruptions, forcing hospitals to implement downtime procedures and divert emergency services. Compromised data includes names, Social Security numbers, medical records, and insurance information. Ascension has since restored services and is notifying affected individuals. Read More (2 Mins)

Hacker Leaks Cisco Data

A hacker known as "IntelBroker" has leaked 2.9 GB of data stolen from Cisco’s DevHub platform, including source code, certificates, and private credentials. This breach comes after an earlier attack in May 2024, where the hacker exploited vulnerabilities in Cisco’s network to access sensitive information. The leaked data is now circulating on the dark web, posing potential risks to the company and its clients. Cisco is currently investigating the breach and working with authorities. Read More (4 Mins)

🔗 Quick Links

• FTC orders Marriott and Starwood to implement strict data security

• CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation

• AI Could Generate 10,000 Malware Variants

• CISA Releases Mobile Security Guidance After Chinese Telecom Hacking

• Top 10 Cybersecurity Trends to Expect in 2025

• What Do Hackers Know About Your AWS Account?

If you like this issue, I'd really appreciate it if you could forward it to your friends and colleagues! Your support helps us grow and continue providing great content.

If you have specific feedback or anything interesting you’d like to share, please let me know by replying to this email.

Regards,

Dot