April 2025
Welcome back to The Cipher Chronicle—your trusted source for staying ahead in cybersecurity. This month, we've got a fresh roundup of insights, impactful cyber incidents, and solutions designed to help your organization stay proactive in the space.
In this April edition, we’re covering:
✅ Key lessons from recent breaches impacting Oracle, Hertz, NASCAR, and more.
✅ Our partner, Push Security, and their real-time identity browser.
✅ Advanced cybersecurity strategies tailored specifically for financial institutions.
You'll also find essential insights into ransomware surges, nation-state espionage, and evolving malware tactics. Plus, we're sharing highlights from our recent cybersecurity summit, CIPHERISE, held on April 9th.
Cyber threats evolve constantly—and so does our commitment to protecting you. Our team is always here, ready to guide you toward better strategies and greater resilience.
Let’s jump in! 👇
Check out some of the latest hacks and attacks from this month that may be targeting your industry.
Oracle
Exploit: Hacking
Industry: Technology
The Chronicle's Take: Oracle experienced a breach involving two outdated servers, leading to the theft and leak of login credentials. While the company asserts that its Oracle Cloud services and customer data remain unaffected, this incident underscores the critical need for organizations to decommission legacy systems and maintain security protocols to protect sensitive information.
State Bar of Texas
Exploit: Ransomware
Industry: Non-profit
The Chronicle's Take: The State Bar of Texas suffered a ransomware attack by the INC group, compromising sensitive personal data, including Social Security numbers and financial information. The breach highlights the importance of timely detection and response to cyber threats, especially in institutions handling confidential legal data.
Baltimore, Maryland
Exploit: Business Email Compromise
Industry: Government
The Chronicle's Take: A cybercriminal exploited a business email compromise to fraudulently redirect over $1.5 million intended for a city vendor. This incident emphasizes the necessity for stringent verification processes and employee training to prevent such financially damaging attacks.
Hertz
Exploit: Hacking
Industry: Travel & Leisure
The Chronicle's Take: Hertz disclosed a data breach linked to vulnerabilities in Cleo's file transfer software, resulting in the exposure of customer data, including driver's license and credit card information. The breach, attributed to the Clop ransomware gang, highlights the risks associated with third-party vendors and the importance of securing supply chain networks.
NASCAR
Exploit: Ransomware
Industry: Entertainment
The Chronicle's Take: The Medusa ransomware group took the wheel and claimed responsibility for a cyberattack on NASCAR, allegedly exfiltrating over 1TB of data and demanding a $4 million ransom. This attack illustrates the growing threat of ransomware in the entertainment sector and the need for comprehensive cybersecurity measures to protect critical data.
Cipher's Partner of the Month | Push Security
At Cipher, our xMDR platform delivers 24/7 managed detection and response by integrating best-in-class security tools to provide comprehensive coverage across the threat landscape. Push Security enhances xMDR by extending it's coverage across modern identity attack surfaces and detecting attacks like credential phishing and account takeover.
Through seamless integration, Push feeds real-time identity and browser telemetry into xMDR, enabling our SOC analysts to detect and respond to threats that traditional tools might miss. This layered approach empowers Cipher to proactively secure user identities and stop risky behavior by defending users right where they work—the browser.
Recommended by LinkedIn
Cyber threats may be growing, but so are you options for defense. Here's what we've been up to lately:
Cipher Flex™: A Smarter Way to Secure Your Business
Flexible. Predictable. Secure.
Cipher Flex™ is our new consumption-based pricing model designed for organizations that need agility without sacrificing control. Whether you're scaling fast, shifting priorities, or planning ahead, Cipher Flex™ gives you the freedom to use only what you need—while locking in predictable costs and maximizing value.
Discover how Cipher Flex™ can simplify your security strategy, maximize your budget, and adapt to your evolving needs.
Solution Brief: Enhancing Cloud Security with Datadog SIEM & Cipher xMDR
Discover how Cipher and Datadog deliver unified threat detection, MDR, and cyber intelligence to enhance cloud visibility and streamline security. This solution brief covers tackling alert fatigue and insider threats, achieving real-time AI-driven threat detection, accelerating response with 24/7 SOC support, and maintaining cloud compliance—all backed by real-world use cases.
Advanced, Tailored, Cybersecurity Solutions to Continuously Protect Financial Institutions
As financial institutions continue to serve clients around the world and around the clock, cyberthreats targeting banking systems, trading platforms, and financial data are becoming more sophisticated than ever.
At Cipher, we understand the critical need to not only provide robust cybersecurity, comprehensive compliance support, and trusted governance risk management but also to set up defenses tailored to your financial operations.
Once Invented, Never Forgotten: The Irreversible Impact of Technology on Society
Every technological breakthrough arrives with a promise—and a price.
From artificial intelligence (AI) to quantum computing to the worldwide distributed Tor network, new technology and innovations can bring huge transformative benefits. But they can also introduce complex risks.
Threat Brief: Ransomware Surge, Stat-Sponsored Espionage, and Evolving Malware Tactics
The x63 Unit, Cipher's global cyber intelligence team, has been closely tracking a surge in ransomware activity and the growing role of nation-state actors in cyber espionage. As threat actors get smarter, so must our security strategies. This week's update dives into the latest attack vectors, targeted sectors, and what organizations can do to stay one step ahead.
Complimentary Attack Surface Report
Worried about shadow IT, unpatched vulnerabilities, or exposed assets you don't even know about? Our in-depth attack surface report identifies your more pressing weaknesses before threat actors do.
Our Team This Past Month
CIPHERISE 2025 Recap — On April 9th, Cipher hosted its annual cybersecurity summit. The event brought together industry leaders, cybersecurity professionals, and innovators to network and discuss security strategies. Attendees engaged in interactive sessions and fostered collaboration as we looked forward into 2025.
Stay tuned for future events and CIPHERISE on the road.
Cipher Customer Quote of the Month
"When it comes to cybersecurity, you need expert business partners who are proactive, reliable, and engaged; Cipher is all of this and more." —Marlena Efstratopoulou, CISO, Options IT
A Final Note
Defending your organization is a year-round responsibility. As threat actors refine their tactics, staying vigilant becomes even more important. Whether you're grappling with insider threats, planning your next big security initiative, or simply curious about the latest threat intel, our team is here to help every step of the way.
Thanks for tuning in to The Cipher Chronicle. Stay sharp out there, and we'll see you next month!