Risky Bulletin: US authorities sound the alarm on a medical device backdoor - Risky Bulletin

Summary8 min read

Risky Bulletin: US Authorities Sound the Alarm on a Medical Device Backdoor
Hosted by risky.biz (Claire Aird)
Release Date: February 3, 2025

Introduction

In the latest episode of Risky Bulletin, host Claire Aird delivers a comprehensive overview of pressing cybersecurity issues affecting various sectors globally. From vulnerabilities in medical devices to sophisticated spyware attacks, the episode delves into the multifaceted challenges faced by governments, organizations, and individuals in safeguarding digital infrastructure.

1. Medical Device Backdoor Exposes Patient Data to China**

Claire Aird opens the episode by addressing a critical security flaw in Contec medical devices:

[00:15] "The U.S. government says Contec medical devices are sending patient data to China. The patient monitoring devices also contain a hidden mechanism that can download and execute files."

Key Points:

Vulnerability Identified: Contec CMS 8000 patient monitors have a backdoor allowing unauthorized file downloads and executions.
Data Transmission: These devices transmit patient data to cernet, a Chinese educational and research network managed by Tsinghua University in Beijing.
Regulatory Response: The Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Food and Drug Administration (FDA) have urged hospitals to disconnect these devices from the Internet to mitigate risks.
Rebranding Concern: Officials noted that these devices are frequently relabeled and sold under various names, complicating detection and remediation efforts.

2. CISA Workers Exempt from Trump Administration's Resignation Program**

A significant update concerning federal employees was highlighted:

[02:50] "CISA workers have been told they're not eligible for the Trump administration's resignation program. The program will allow government workers to retain their pay and benefits until the end of September, if they resign by February 6th."

Key Points:

Resignation Program Details: Initiated during the Trump administration, the program offers government employees the option to retain their compensation and benefits for a specified period upon resignation.
Exemption Rationale: CISA clarified that its employees are classified as national security staff, thereby excluding them from eligibility.
Security Implications: The decision underscores the sensitive nature of CISA's work and the importance of maintaining a stable workforce in critical national security roles.

3. US Agency for International Development Breached for Cryptocurrency Mining**

The episode sheds light on cybersecurity breaches within government agencies:

[05:20] "Hackers breached the U.S. agency for International Development last fall and abused its cloud infrastructure to mine cryptocurrency. The incident incurred around half a million dollars in cloud service charges."

Key Points:

Breach Details: A brute force attack successfully guessed the password to a global administrator account in one of the agency's test environments.
Financial Impact: Unauthorized cryptocurrency mining operations led to substantial cloud service expenditures totaling approximately $500,000.
Security Failures: The incident highlights vulnerabilities related to password security and the need for robust authentication mechanisms.

4. Paragon Solutions Spyware Targets Journalists and NGO Staffers**

A concerning cyber espionage campaign is under scrutiny:

[07:45] "Over 90 journalists and NGO staffers have been targeted with spyware made by Israeli company Paragon Solutions. The attacks allegedly used a zero-click exploit."

Key Points:

Spyware Deployment: Malicious documents were disseminated via WhatsApp, exploiting zero-click vulnerabilities to install Paragon's Graphite spyware on victims' devices.
Corporate Response: Meta has issued a cease and desist letter to Paragon and is actively notifying affected users to mitigate further compromises.
Acquisition Insight: AE Industrial Partners, a U.S. private investment firm, acquired Paragon Solutions for $900 million last year, raising questions about the company's operational transparency and ethical considerations.

5. Polish Former Justice Minister Arrested in Pegasus Spyware Probe**

A high-profile political scandal unfolds in Poland:

[10:15] "Polish authorities have arrested the country's previous justice minister on charges of using the Pegasus spyware against political opponents."

Key Points:

Arrest Details: Zbigniew Dzhbr, former justice minister from the Law and Order Party (2017-2023), was apprehended in Warsaw after leaving a right-wing TV station's headquarters.
Allegations: Dzhbr is accused of orchestrating surveillance operations against over 600 individuals using Pegasus spyware during his tenure.
Legal and Political Repercussions: The arrest signifies a critical stance against the misuse of surveillance technologies for political gain, emphasizing accountability within governmental roles.

6. Europol and Eurojust Highlight Challenges in Combating Cybercrime**

International law enforcement agencies discuss ongoing hurdles:

[12:50] "Europol and Eurojust say that data overload, anonymisation, and encryption services are their primary challenges in fighting cybercrime."

Key Points:

Data Management Issues: The exponential growth of data volumes overwhelms law enforcement's capacity to store and process information essential for combating online crime.
Technical Barriers: Challenges include dealing with carrier-grade NAT, anonymized WHOIS databases, and enhanced DNS privacy measures that obscure malicious activities.
Legislative Needs: Europol has urged lawmakers to create lawful avenues for accessing encrypted communications to facilitate investigations without infringing on privacy rights.

7. International Coordination Centre Launched to Tackle Cyber Scams**

A multilateral initiative aims to disrupt cybercriminal networks:

[15:30] "Law enforcement agencies from 18 countries have launched an international coordination centre to combat online cyber scam operations. The centre will operate from Thailand, one of the hotspots for such activities."

Key Points:

Member Countries: The centre includes representation from major cyber-operating nations such as China, Russia, and the United States, alongside several Southeast Asian nations.
Operational Focus: By centralizing efforts in Thailand, known for its high incidence of cyber scams, the initiative seeks to streamline coordination, intelligence sharing, and enforcement actions against cybercriminals.
Strategic Importance: This center represents a concerted global effort to dismantle sophisticated online scam operations through collaborative law enforcement strategies.

8. Turkish Authorities Crack Down on Government Database Breach**

Cybercriminals face intensified law enforcement actions:

[17:20] "Turkish authorities have arrested a cybercrime group that breached Mirnus, a government database that stores citizens' information. Officials say the group sold access to query the database and the data was used for making threats and blackmail."

Key Points:

Breach Impact: The Mirnus database contained sensitive citizen information, making it a lucrative target for cybercriminals seeking to exploit data for illicit purposes.
Arrests Made: A total of 44 suspects were detained, signaling a robust response from Turkish law enforcement against large-scale cybercrime operations.
Security Measures: The incident underscores the necessity for stringent security protocols in government databases to prevent unauthorized access and potential exploitation.

9. Deepseek Under DDoS Attack in China**

Persistent online threats challenge service reliability:

[19:05] "Chinese AI platform Deepseek has been dealing with a week-long DDoS attack that's targeted its API and public-facing websites. The attack started on 25 January."

Key Points:

Attack Characteristics: The Distributed Denial of Service (DDoS) attack exhibited high tactical sophistication, making it difficult for Deepseek to mitigate effectively.
Service Disruption: The assault on both the API and external websites has likely impacted user accessibility and service stability.
Response Efforts: Deepseek's attempts to counteract the attack highlight the ongoing battle between cybersecurity defenses and malicious actors employing advanced techniques.

10. Ransomware Strikes Tata Technologies in India**

Major industrial player faces cyber extortion:

[20:50] "A ransomware attack has impacted several IT systems at Tata Technologies, one of India's largest companies. The company took down affected systems and said that no customer services have been impacted."

Key Points:

Attack Scope: The ransomware infiltrated multiple IT systems within Tata Technologies, a prominent subsidiary of the Tata Group serving the automotive and aerospace sectors.
Mitigation Measures: Swift action was taken to isolate and deactivate the compromised systems, preventing any disruption to customer-facing services.
Industry Implications: This incident emphasizes the vulnerability of critical engineering service providers to ransomware threats and the importance of resilient cybersecurity frameworks.

11. AngelSense Database Exposure Compromises User Privacy**

A data leak raises privacy concerns:

[22:30] "GPS tracking service AngelSense has accidentally exposed an internal database with the personal data and location details of thousands of users."

Key Points:

Data Breach Details: An unprotected Elasticsearch database was responsible for the leak, containing over 120 million log entries, including real names, addresses, GPS coordinates, and account passwords.
Service Functionality: AngelSense provides real-time tracking for children and adults with special needs, making the exposed data particularly sensitive.
Security Oversight: The breach highlights critical lapses in securing databases, especially those handling highly sensitive and personal information.

12. WTCRY Ransomware Gang Exploits Misconfigured SMB Shares**

Emerging ransomware tactics pose new threats:

[24:10] "The WTCRY ransomware gang is hacking systems with misconfigured SMB shares to encrypt files and demand ransom payments."

Key Points:

Attack Vector: WTCRY capitalizes on improperly configured Server Message Block (SMB) shares, exploiting systems left with open or weakly protected SMB services.
Encryption Strategy: Once inside the network, the gang encrypts files across shared directories and connected Network Attached Storage (NAS) devices, leveraging the compromised access to maximize impact.
Distinction Clarification: It's important to differentiate WTCRY from the WannaCry worm associated with North Korea, as they are unrelated entities.
Activity Surge: Operating since late 2023, WTCRY has intensified its attacks, signaling a growing threat in the ransomware landscape.

13. Record High Ransomware Attacks in the Previous Year**

The cybersecurity community faces unprecedented challenges:

[26:00] "Last year saw the highest volume of ransomware attacks on record, with over 5,200 victims listed on dark web leak sites."

Key Points:

Attack Statistics: The previous year marked a significant increase in ransomware incidents, with over 5,200 recorded victims exposed on dark web platforms.
Dominant Threat Actors: Lockbit emerged as the most active ransomware group, continuing its operations despite a successful law enforcement takedown earlier in the year.
Peak Activity: December reached unprecedented levels of ransomware activity, underscoring the relentless and evolving nature of cyber extortion tactics.

Conclusion

Claire Aird concludes the episode by reiterating the pervasive and evolving nature of cybersecurity threats across various domains. From medical device vulnerabilities to sophisticated spyware and ransomware operations, the landscape demands vigilant and proactive measures from all stakeholders to safeguard sensitive data and maintain digital integrity.

This summary encapsulates the key discussions and insights from the February 3, 2025 episode of Risky Bulletin. For a more detailed exploration of each topic, listening to the full episode is recommended.

Loading summary

Transcript1 lines

[00:04]
Claire Aird
US authorities sound the alarm on a medical device backdoor Meta exposes Paragon spyware attacks, CISA employees are exempt from Trump's resignation program and Poland arrests a previous justice minister in the Pegasus probe. This is the risky bulletin prepared by Catalyn Kim Panu and read by me, Claire aird. Today is the 3rd of February and this podcast episode is brought to you by Thinkst, the makers of the much loved THINKST canary. In today's top story, the U.S. government says Contec medical devices are sending patient data to China. The patient monitoring devices also contain a hidden mechanism that can download and execute files. The backdoor behaviour was confirmed in contact CMS 8000 patient monitors, but officials say the devices are often relabelled and sold under different names. CISA and the US FDA have asked hospitals to disconnect the devices from the Internet. The devices send data to to an address in cernet, a Chinese educational and research network managed by the Tsinghua University in Beijing. In other news, CISA workers have been told they're not eligible for the Trump administration's resignation program. The program will allow government workers to retain their pay and benefits until the end of September, if they resign by February 6th. In an email last week, CISA told employees they're considered national security staff and are not eligible for the program. Hackers breached the U.S. agency for International Development last fall and abused its cloud infrastructure to mine cryptocurrency. The incident incurred around half a million dollars in cloud service charges. The breach was traced back to a brute force attack that guessed the password to a global administrator account in one of the US aid test environments. Over 90 journalists and NGO staffers have been targeted with spyware made by Israeli company Paragon Solutions. The attacks allegedly used a zero click exploit. Victims received malicious documents sent via WhatsApp that deployed Paragon's Graphite spyware. Meta sent Paragon a cease and desist letter and is notifying targeted users. US private investment company AE Industrial Partners acquired Israeli spyware company Paragon Solutions last year for $900 million. Polish authorities have arrested the country's previous justice minister on charges of using the Pegasus spyware against political opponents. Zbigniew Dzhbr was arrested in Warsaw after leaving the headquarters of a right wing TV station. He was justice minister between 2017 and 2023 in the country's previous Law and Order Party government. During his tenure, law enforcement agencies acquired the software and use it to Spy on over 600 people. Europol and Eurojust say that data overload, anonymisation and encryption services are their primary challenges in fighting cybercrime. The two bodies say many law enforce agencies don't have the resources to store or process the vast quantities of data needed to tackle online crime. The agencies also experience technical challenges with carrier grade nat, anonymised WHOIS databases and increased DNS privacy. Europol has also asked lawmakers to find lawful ways to access encrypted communication. Law enforcement agencies from 18 countries have launched an international coordination centre to combat online cyber scam operations. The centre will operate from Thailand, one of the hotspots for such activities. Members include China, Russia, the US and several Southeast Asian nations. Turkish authorities have arrested a cybercrime group that breached mirnus, a government database that stores citizens information. Officials say the group sold access to query the database and the data was used for making threats and blackmail. 44 suspects were arrested. Chinese AI platform Deepseek has been dealing with a week long DDoS attack that's targeted its API and public facing websites. The attack started on 25 January. According to Chinese security firm NS Focus. The attacker showed high tactical literacy as Deepseek tried to respond. A ransomware attack has impacted several IT systems at Tata Technologies, one of India's largest companies. The company took down affected systems and said that no customer services have been impacted. Tata Technologies is a subsidiary in the Tata Group that provides engineering services for the automotive and aerospace sectors. GPS tracking service AngelSense has accidentally exposed an internal database with the personal data and location details of thousands of users. Security firm Upguard says the leak originated with an unprotected Elasticsearch database containing over 120 million log entries. The exposed data included real names, addresses, GPS coordinates and even account passwords. The angelsense app is advertised as a real time tracker for children and adults with special needs needs. The wtcry ransomware gang is hacking systems with misconfigured SMB shares to encrypt files and demand ransom payments. According to security firm Securite, the group gains access to systems via SMB services left on the Internet with no authentication or with weak passwords. Once inside, the gang encrypts any shares and connected NAS devices. The WTCRY group has been active since late 2023 but has recently intensified attacks. The group's not to be confused with the North Korean Internet worm of the similar name WannaCry. And finally, last year saw the highest volume of ransomware attacks on record, with over 5,200 victims listed on dark web leak sites. Lockbit was the most active group despite a law enforcement takedown at the start of the year. The end of the year saw record levels of activity, with December becoming the most active month for ransomware gangs on record. And that is all for this podcast edition. Today's show is brought to you by our sponsor, thinxt, the makers of the much loved thinxt Canary. Find them at Canary Tools. Thanks, Ear company.

Risky Bulletin: US Authorities Sound the Alarm on a Medical Device Backdoor
Hosted by risky.biz (Claire Aird)
Release Date: February 3, 2025

Introduction

1. Medical Device Backdoor Exposes Patient Data to China**

Claire Aird opens the episode by addressing a critical security flaw in Contec medical devices:

[00:15] "The U.S. government says Contec medical devices are sending patient data to China. The patient monitoring devices also contain a hidden mechanism that can download and execute files."

Key Points:

Vulnerability Identified: Contec CMS 8000 patient monitors have a backdoor allowing unauthorized file downloads and executions.
Data Transmission: These devices transmit patient data to cernet, a Chinese educational and research network managed by Tsinghua University in Beijing.
Regulatory Response: The Cybersecurity and Infrastructure Security Agency (CISA) and the U.S. Food and Drug Administration (FDA) have urged hospitals to disconnect these devices from the Internet to mitigate risks.
Rebranding Concern: Officials noted that these devices are frequently relabeled and sold under various names, complicating detection and remediation efforts.

2. CISA Workers Exempt from Trump Administration's Resignation Program**

A significant update concerning federal employees was highlighted:

[02:50] "CISA workers have been told they're not eligible for the Trump administration's resignation program. The program will allow government workers to retain their pay and benefits until the end of September, if they resign by February 6th."

Key Points:

Resignation Program Details: Initiated during the Trump administration, the program offers government employees the option to retain their compensation and benefits for a specified period upon resignation.
Exemption Rationale: CISA clarified that its employees are classified as national security staff, thereby excluding them from eligibility.
Security Implications: The decision underscores the sensitive nature of CISA's work and the importance of maintaining a stable workforce in critical national security roles.

3. US Agency for International Development Breached for Cryptocurrency Mining**

The episode sheds light on cybersecurity breaches within government agencies:

[05:20] "Hackers breached the U.S. agency for International Development last fall and abused its cloud infrastructure to mine cryptocurrency. The incident incurred around half a million dollars in cloud service charges."

Key Points:

Breach Details: A brute force attack successfully guessed the password to a global administrator account in one of the agency's test environments.
Financial Impact: Unauthorized cryptocurrency mining operations led to substantial cloud service expenditures totaling approximately $500,000.
Security Failures: The incident highlights vulnerabilities related to password security and the need for robust authentication mechanisms.

4. Paragon Solutions Spyware Targets Journalists and NGO Staffers**

A concerning cyber espionage campaign is under scrutiny:

[07:45] "Over 90 journalists and NGO staffers have been targeted with spyware made by Israeli company Paragon Solutions. The attacks allegedly used a zero-click exploit."

Key Points:

Spyware Deployment: Malicious documents were disseminated via WhatsApp, exploiting zero-click vulnerabilities to install Paragon's Graphite spyware on victims' devices.
Corporate Response: Meta has issued a cease and desist letter to Paragon and is actively notifying affected users to mitigate further compromises.
Acquisition Insight: AE Industrial Partners, a U.S. private investment firm, acquired Paragon Solutions for $900 million last year, raising questions about the company's operational transparency and ethical considerations.

5. Polish Former Justice Minister Arrested in Pegasus Spyware Probe**

A high-profile political scandal unfolds in Poland:

[10:15] "Polish authorities have arrested the country's previous justice minister on charges of using the Pegasus spyware against political opponents."

Key Points:

Arrest Details: Zbigniew Dzhbr, former justice minister from the Law and Order Party (2017-2023), was apprehended in Warsaw after leaving a right-wing TV station's headquarters.
Allegations: Dzhbr is accused of orchestrating surveillance operations against over 600 individuals using Pegasus spyware during his tenure.
Legal and Political Repercussions: The arrest signifies a critical stance against the misuse of surveillance technologies for political gain, emphasizing accountability within governmental roles.

6. Europol and Eurojust Highlight Challenges in Combating Cybercrime**

International law enforcement agencies discuss ongoing hurdles:

[12:50] "Europol and Eurojust say that data overload, anonymisation, and encryption services are their primary challenges in fighting cybercrime."

Key Points:

Data Management Issues: The exponential growth of data volumes overwhelms law enforcement's capacity to store and process information essential for combating online crime.
Technical Barriers: Challenges include dealing with carrier-grade NAT, anonymized WHOIS databases, and enhanced DNS privacy measures that obscure malicious activities.
Legislative Needs: Europol has urged lawmakers to create lawful avenues for accessing encrypted communications to facilitate investigations without infringing on privacy rights.

7. International Coordination Centre Launched to Tackle Cyber Scams**

A multilateral initiative aims to disrupt cybercriminal networks:

[15:30] "Law enforcement agencies from 18 countries have launched an international coordination centre to combat online cyber scam operations. The centre will operate from Thailand, one of the hotspots for such activities."

Key Points:

Member Countries: The centre includes representation from major cyber-operating nations such as China, Russia, and the United States, alongside several Southeast Asian nations.
Operational Focus: By centralizing efforts in Thailand, known for its high incidence of cyber scams, the initiative seeks to streamline coordination, intelligence sharing, and enforcement actions against cybercriminals.
Strategic Importance: This center represents a concerted global effort to dismantle sophisticated online scam operations through collaborative law enforcement strategies.

8. Turkish Authorities Crack Down on Government Database Breach**

Cybercriminals face intensified law enforcement actions:

[17:20] "Turkish authorities have arrested a cybercrime group that breached Mirnus, a government database that stores citizens' information. Officials say the group sold access to query the database and the data was used for making threats and blackmail."

Key Points:

Breach Impact: The Mirnus database contained sensitive citizen information, making it a lucrative target for cybercriminals seeking to exploit data for illicit purposes.
Arrests Made: A total of 44 suspects were detained, signaling a robust response from Turkish law enforcement against large-scale cybercrime operations.
Security Measures: The incident underscores the necessity for stringent security protocols in government databases to prevent unauthorized access and potential exploitation.

9. Deepseek Under DDoS Attack in China**

Persistent online threats challenge service reliability:

[19:05] "Chinese AI platform Deepseek has been dealing with a week-long DDoS attack that's targeted its API and public-facing websites. The attack started on 25 January."

Key Points:

Attack Characteristics: The Distributed Denial of Service (DDoS) attack exhibited high tactical sophistication, making it difficult for Deepseek to mitigate effectively.
Service Disruption: The assault on both the API and external websites has likely impacted user accessibility and service stability.
Response Efforts: Deepseek's attempts to counteract the attack highlight the ongoing battle between cybersecurity defenses and malicious actors employing advanced techniques.

10. Ransomware Strikes Tata Technologies in India**

Major industrial player faces cyber extortion:

[20:50] "A ransomware attack has impacted several IT systems at Tata Technologies, one of India's largest companies. The company took down affected systems and said that no customer services have been impacted."

Key Points:

Attack Scope: The ransomware infiltrated multiple IT systems within Tata Technologies, a prominent subsidiary of the Tata Group serving the automotive and aerospace sectors.
Mitigation Measures: Swift action was taken to isolate and deactivate the compromised systems, preventing any disruption to customer-facing services.
Industry Implications: This incident emphasizes the vulnerability of critical engineering service providers to ransomware threats and the importance of resilient cybersecurity frameworks.

11. AngelSense Database Exposure Compromises User Privacy**

A data leak raises privacy concerns:

[22:30] "GPS tracking service AngelSense has accidentally exposed an internal database with the personal data and location details of thousands of users."

Key Points:

Data Breach Details: An unprotected Elasticsearch database was responsible for the leak, containing over 120 million log entries, including real names, addresses, GPS coordinates, and account passwords.
Service Functionality: AngelSense provides real-time tracking for children and adults with special needs, making the exposed data particularly sensitive.
Security Oversight: The breach highlights critical lapses in securing databases, especially those handling highly sensitive and personal information.

12. WTCRY Ransomware Gang Exploits Misconfigured SMB Shares**

Emerging ransomware tactics pose new threats:

[24:10] "The WTCRY ransomware gang is hacking systems with misconfigured SMB shares to encrypt files and demand ransom payments."

Key Points:

Attack Vector: WTCRY capitalizes on improperly configured Server Message Block (SMB) shares, exploiting systems left with open or weakly protected SMB services.
Encryption Strategy: Once inside the network, the gang encrypts files across shared directories and connected Network Attached Storage (NAS) devices, leveraging the compromised access to maximize impact.
Distinction Clarification: It's important to differentiate WTCRY from the WannaCry worm associated with North Korea, as they are unrelated entities.
Activity Surge: Operating since late 2023, WTCRY has intensified its attacks, signaling a growing threat in the ransomware landscape.

13. Record High Ransomware Attacks in the Previous Year**

The cybersecurity community faces unprecedented challenges:

[26:00] "Last year saw the highest volume of ransomware attacks on record, with over 5,200 victims listed on dark web leak sites."

Key Points:

Attack Statistics: The previous year marked a significant increase in ransomware incidents, with over 5,200 recorded victims exposed on dark web platforms.
Dominant Threat Actors: Lockbit emerged as the most active ransomware group, continuing its operations despite a successful law enforcement takedown earlier in the year.
Peak Activity: December reached unprecedented levels of ransomware activity, underscoring the relentless and evolving nature of cyber extortion tactics.

Introduction

**1. Medical Device Backdoor Exposes Patient Data to China

**2. CISA Workers Exempt from Trump Administration's Resignation Program

**3. US Agency for International Development Breached for Cryptocurrency Mining

**4. Paragon Solutions Spyware Targets Journalists and NGO Staffers

**5. Polish Former Justice Minister Arrested in Pegasus Spyware Probe

**6. Europol and Eurojust Highlight Challenges in Combating Cybercrime

**7. International Coordination Centre Launched to Tackle Cyber Scams

**8. Turkish Authorities Crack Down on Government Database Breach

**9. Deepseek Under DDoS Attack in China

**10. Ransomware Strikes Tata Technologies in India

**11. AngelSense Database Exposure Compromises User Privacy

**12. WTCRY Ransomware Gang Exploits Misconfigured SMB Shares

**13. Record High Ransomware Attacks in the Previous Year

Conclusion

Introduction

**1. Medical Device Backdoor Exposes Patient Data to China

**2. CISA Workers Exempt from Trump Administration's Resignation Program

**3. US Agency for International Development Breached for Cryptocurrency Mining

**4. Paragon Solutions Spyware Targets Journalists and NGO Staffers

**5. Polish Former Justice Minister Arrested in Pegasus Spyware Probe

**6. Europol and Eurojust Highlight Challenges in Combating Cybercrime

**7. International Coordination Centre Launched to Tackle Cyber Scams

**8. Turkish Authorities Crack Down on Government Database Breach

**9. Deepseek Under DDoS Attack in China

**10. Ransomware Strikes Tata Technologies in India

**11. AngelSense Database Exposure Compromises User Privacy

**12. WTCRY Ransomware Gang Exploits Misconfigured SMB Shares

**13. Record High Ransomware Attacks in the Previous Year

Conclusion

1. Medical Device Backdoor Exposes Patient Data to China**

2. CISA Workers Exempt from Trump Administration's Resignation Program**

3. US Agency for International Development Breached for Cryptocurrency Mining**

4. Paragon Solutions Spyware Targets Journalists and NGO Staffers**

5. Polish Former Justice Minister Arrested in Pegasus Spyware Probe**

6. Europol and Eurojust Highlight Challenges in Combating Cybercrime**

7. International Coordination Centre Launched to Tackle Cyber Scams**

8. Turkish Authorities Crack Down on Government Database Breach**

9. Deepseek Under DDoS Attack in China**

10. Ransomware Strikes Tata Technologies in India**

11. AngelSense Database Exposure Compromises User Privacy**

12. WTCRY Ransomware Gang Exploits Misconfigured SMB Shares**

13. Record High Ransomware Attacks in the Previous Year**

1. Medical Device Backdoor Exposes Patient Data to China**

2. CISA Workers Exempt from Trump Administration's Resignation Program**

3. US Agency for International Development Breached for Cryptocurrency Mining**

4. Paragon Solutions Spyware Targets Journalists and NGO Staffers**

5. Polish Former Justice Minister Arrested in Pegasus Spyware Probe**

6. Europol and Eurojust Highlight Challenges in Combating Cybercrime**

7. International Coordination Centre Launched to Tackle Cyber Scams**

8. Turkish Authorities Crack Down on Government Database Breach**

9. Deepseek Under DDoS Attack in China**

10. Ransomware Strikes Tata Technologies in India**

11. AngelSense Database Exposure Compromises User Privacy**

12. WTCRY Ransomware Gang Exploits Misconfigured SMB Shares**

13. Record High Ransomware Attacks in the Previous Year**