In 2023, the threat actor Water Curupira actively distributed the PikaBot loader malware via phishing campaigns. The malware provided unauthorized remote access and command execution via an established C&C server link. PikaBot is primarily designed to launch Cobalt Strike, a potential precursor for ransomware deployment. The campaigns utilize email trickery and only halt when detecting Russian or Ukrainian system languages.
Information of 38,000 UChicago medical group patients potentially exposed in cybersecurity breach
Around 38,000 patients of UChicago Medicine’s medical group may have had their personal data revealed in a cybersecurity breach. The breach occurred in July through