Tag: Cybersecurity

July 25, 2024

The National Community Pharmacists Association (NCPA) and more than three dozen healthcare providers from 22 U.S. states have filed a lawsuit against Change Healthcare, Optum, and UnitedHealth Group. The lawsuit stems from the catastrophic ransomware attack and subsequent data breach […]

July 25, 2024

KnowBe4, a cybersecurity company specializing in awareness training and simulated phishing, recently disclosed an attempted infiltration by a North Korean operative posing as a software engineer. This incident sheds light on the evolving tactics of state-sponsored threat actors and underscores […]

July 24, 2024

A threat actor known by their alias ‘emo’ has posted the entire BreachForums v1 database, generated through late 2022, on Telegram, reportedly with the aim of allowing users to fix the holes in their OPSEC (operational security). As reported by […]

July 18, 2024

Cyber security workers only review major updates to software applications only 54 percent of the time, according to a poll of tech managers. That figure comes from CrowdStrike, which recently published [PDF] its 2024 State of Application Security Report. It’s […]

July 17, 2024

Embattled Russian infosec shop Kaspersky is giving US customers six months of security updates for free as a parting gift as Uncle Sam kicks the antivirus maker out of the American market. In a farewell note to US users, the […]

July 17, 2024

Costs associated with ransomware attacks on critical national infrastructure (CNI) organizations skyrocketed in the past year. According to Sophos’ latest figures, released today, the median ransom payments rose to $2.54 million – a whopping 41 times last year’s sum of […]

July 9, 2024

Evolve Bank & Trust says the data of more than 7.6 million customers was stolen during the LockBit break-in in late May, per a fresh filing with Maine’s attorney general. The filing lists the total number of persons affected (including […]

July 8, 2024

The use of selfies to verify identity online is an emerging trend in some parts of the world since the pandemic forced more business to go digital. Some banks – and even governments – have begun requiring live images over […]

July 5, 2024

Keen meatheads better hope they haven’t angered any cybersecurity folk before allowing their Traeger grills to update because a new high-severity vulnerability could be used for all kinds of high jinks. With summer in full swing in the northern hemisphere, […]

July 2, 2024

The number of financial institutions caught up in the ransomware attack on Evolve Bank & Trust continues to rise as fintech businesses Wise and Affirm both confirm they have been materially affected. News of Evolve being compromised by extortionists broke […]

July 1, 2024

Glibc-based Linux systems are vulnerable to a new bug (CVE-2024-6387) in OpenSSH’s server (sshd) and should upgrade to the latest version. Infosec researchers at Qualys published their findings today, revealing that sshd is vulnerable to a race condition that could […]

June 28, 2024

With a hefty settlement fee of $49.5 million, Blackbaud’s cybersecurity nightmare has come to an end.  In a damning finding, the Federal Trade Commission concluded that Blackbaud’s “lax security” is what enabled the threat actors to gain access to sensitive […]

June 26, 2024

American healthcare provider Geisinger fears highly personal data on more than a million of its patients has been stolen – and claimed a former employee at a Microsoft subsidiary is the likely culprit. Geisinger on Monday announced the results of […]

June 26, 2024

Thought last year’s MOVEit hellscape was well and truly behind you? Unlucky, buster. We’re back for round two after Progress Software lifted the lid on fresh vulnerabilities affecting MOVEit Transfer and Gateway. Progress Software initially contacted users on June 13 […]

June 25, 2024

US cybersecurity agency CISA is urging high-risk chemical facilities to secure their online accounts after someone broke into its Chemical Security Assessment Tool (CSAT) portal. CSAT is used by industry facilities that house chemicals of interest, of which there are […]

June 21, 2024

The vendor behind the software on which nearly 15,000 car dealerships across the US rely says an ongoing “cyber incident” has forced it to pull systems offline for a second time in as many days. CDK Global first shut down […]

June 20, 2024

A fresh report into the Nobelium offensive cyber crew published by France’s computer emergency response team (CERT-FR) highlights the group’s latest tricks as the country prepares for a major election and to host this year’s Olympic and Paralympic Games. Most […]

June 19, 2024

Security researchers recently claimed to have found a flaw that could allow threat actors to spoof Microsoft corporate emails. A cybersecurity researcher with the alias Slonser (full name Vsevolod Kokorin, according to TechCrunch) recently posted on X with a telling […]

June 10, 2024

Auction house to the wealthy Christie’s says 45,798 people were affected by its recent cyberattack and resulting data theft. That’s according to public filings made with US state attorneys general on Friday, which also included template letters that are being […]

June 7, 2024

26% of organizations don’t provide IT security training to end-users, according to Hornetsecurity. The Hornetsecurity survey, which compiled feedback from industry professionals worldwide, also reveals that 8% of organizations offer adaptive training that evolves based on the results of regular […]