Incident Overview:
Platform: Step Finance
Loss: ~$40M treasury theft
Vector: Compromised executive devices
Status: Operations terminated

Recovery efforts:
• ~$3.7M Remora assets recovered
• ~$1M additional tokens recovered
• Snapshot-based reimbursement for STEP holders
• Buyback + redemption process underway

Collateral shutdown:
Remora Markets, SolanaFloor

Strategic insight:
Executive endpoint compromise → treasury compromise.

Crypto treasury management must incorporate hardened device policies, hardware-backed key storage, enforced MFA, and anomaly detection.

Source: https://therecord.media/step-finance-cryptocurrency-theft-shutdown

Follow us for tactical crypto threat briefings.
Share mitigation strategies below.

#Infosec #CryptoSecurity #DeFiRisk #TreasuryManagement #EndpointSecurity #Blockchain #DigitalAssets #ThreatModeling #CyberIncident #SecurityOperations

Incident Review: Alleged Breach at BookMyForex
BookMyForex, a subsidiary of MakeMyTrip, faces allegations of a data breach after users reported unauthorized forex card activity.

Observed:
• USD & BRL debits
• Zero-balance wallet reflections
• Login access issues
• Escalation to Yes Bank
Official clarification: No confirmed data breach, categorized as unauthorized transaction attempts.

Potential vectors:
– Card network exploitation
– Automated fraud campaign
– External data exposure
– Payment processor vulnerability

Until technical transparency is published, this remains an active fintech incident case study.

Security professionals — what’s your threat model?

Source: https://www.technadu.com/bookmyforex-breach-makemytrip-unit-hit-by-possible-cyberattack-company-denies-incident/620754/

Engage below.

Follow TechNadu for deep-dive infosec coverage.

#Infosec #FintechSecurity #AllegedDataBreach #FraudDetection #CyberIncident #ThreatModeling #DigitalPayments #IndiaCyber #SecurityResearch

Huntington, West Virginia addresses cybersecurity incident

Huntington, West Virginia says it detected suspicious activity and isolated systems. City working with CISA and vendors; scope still unknown.

DysruptionHub

Montana hospital restores phones as cyber-related network disruptions persist

Livingston HealthCare in Montana says phones are back after a potential cybersecurity incident, but some network services remain limited.

DysruptionHub

Edisto Beach, South Carolina probes potential email cyber incident

Edisto Beach says it found a potential cyber incident in its email system and brought in investigators; details withheld amid a federal probe.

DysruptionHub

Russell Township police email cut off for weeks after suspected intrusion flagged in Ohio county network #CyberIncident #Ohio #Police #EmailSecurity #VPN #OperationalTechnology https://dysruptionhub.com/russell-police-email-block-ohio/

Russell Township Police lost email after Sept. 8 incident; county cited Russia/Spain DNS and Microsoft 365 Direct Send. Restored via .gov in Nov.

DysruptionHub

AZ Monica hospital in Belgium shut down all servers following a cyber incident, disrupting scheduled care and forcing temporary patient transfers.

While urgent treatment continues, the case underscores familiar healthcare risks: system dependency, downtime procedures, and patient safety under degraded IT conditions. The incident type has not been confirmed.

What resilience strategies should healthcare environments prioritize first - segmentation, offline workflows, or faster recovery playbooks?

Source: https://www.bleepingcomputer.com/news/security/belgian-hospital-az-monica-shuts-down-servers-after-cyberattack/

Follow @technadu for objective coverage on healthcare and security operations.

#HealthcareInfoSec #CyberIncident #HospitalSecurity #PatientSafety #OperationalResilience #TechNadu

Apex Legends recently experienced a confirmed security incident involving remote control of player inputs during live matches.
Respawn reported no signs of malware or RCE, suggesting the issue stemmed from cheat mechanisms or misuse of elevated privileges.
This case highlights ongoing InfoSec challenges in:
• Privileged access management
• Real-time monitoring
• Incident response in live digital environments
What controls do you see as most critical in preventing similar incidents?

Source: https://www.bleepingcomputer.com/news/security/bad-actor-hijacks-apex-legends-characters-in-live-matches/

Join the discussion and follow @technadu for cybersecurity insights.

#InfoSec #CyberIncident #AccessManagement #GameSecurity #TechNadu

Higham Lane School in the UK closed after a cyberattack disabled phones, emails, servers, and internal platforms. Students and staff told not to access Google Classroom or SharePoint.

Full article: https://www.technadu.com/uks-higham-lane-school-cyberattack-forces-closure-impacts-telephones-emails-servers/617644/

Are schools adequately prepared for modern cyber threats?

#CyberIncident #EducationSecurity #InfoSec #IncidentResponse

Mississippi's Singing River Health probes potential cyber incident

Mississippi’s Singing River Health System says MyChart is restored after a potential cyber incident; investigation continues.

DysruptionHub