The Ankura Cyber Threat Investigations and Expert Services (CTIX) FLASH Wrap-Up is a collection of high-level cyber intelligence summaries pertaining to current or emerging cyber events in May 2023.
Malware Activity

NextGen Healthcare Discloses Data Breach Impacting Over 1 Million Patients

NextGen Healthcare, Inc., a software and services company headquartered in Georgia, has disclosed a data. | May 22, 2023
According to Microsoft’s Digital Defense Report 2022, nation-state threat activities from Russia, Iran, North Korea, and China have increased since the start of the Ukrainian conflict.
Threat Actor Update: Iranian State Sponsored APT Conducts Cyber Espionage and Ransomware Activities

EclecticIQ researchers assess that MuddyWater is a well-funded, state-supported, and skilled adversary group, based on the variety of tactics, tools, and targets it uses, and that it can cause significant damage to both governments and enterprises through data theft and ransomware. MuddyWater is the first APT group attributed as a subordinate element to the Iranian Ministry of Intelligence and Security (MOIS) by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the U.S. Cyber Command Cyber National Mission Force (CNMF), and the United Kingdom’s National Cyber Security Centre (NCSC-UK). MuddyWater has been observed conducting cyber espionage and other cyber activities targeting the telecommunication, defense, government, and oil and natural gas sectors in Asia, Europe, and North America since approximately 2018. The attribution of MuddyWater to MOIS li