July 25, 2024
Via: SecurityWeekThe National Community Pharmacists Association (NCPA) and more than three dozen healthcare providers from 22 U.S. states have filed a lawsuit against Change Healthcare, Optum, and UnitedHealth Group. The lawsuit stems from the catastrophic ransomware attack and subsequent data breach […]
Threats & Malware, Virus & Malware
July 25, 2024
Via: SecureWorldKnowBe4, a cybersecurity company specializing in awareness training and simulated phishing, recently disclosed an attempted infiltration by a North Korean operative posing as a software engineer. This incident sheds light on the evolving tactics of state-sponsored threat actors and underscores […]
July 24, 2024
Via: TechRadarA threat actor known by their alias ‘emo’ has posted the entire BreachForums v1 database, generated through late 2022, on Telegram, reportedly with the aim of allowing users to fix the holes in their OPSEC (operational security). As reported by […]
Threats & Malware, Vulnerabilities
July 24, 2024
Via: SecurityWeekThere have been so many hot takes about the CrowdStrike disaster that I don’t feel any need to add mine. But when you see what Delta Airlines is *still* doing to passengers some five days after this one piece of […]
Threats & Malware, Virus & Malware
July 18, 2024
Via: The RegisterProlific Russian cybercrime syndicate FIN7 is using various pseudonyms to sell its custom security solution-disabling malware to different ransomware gangs. AvNeutralizer malware was previously thought to be solely linked to the Black Basta group, but fresh research has uncovered various […]
Application security, Security
July 18, 2024
Via: The RegisterCyber security workers only review major updates to software applications only 54 percent of the time, according to a poll of tech managers. That figure comes from CrowdStrike, which recently published [PDF] its 2024 State of Application Security Report. It’s […]
Application security, Security
July 17, 2024
Via: The RegisterEmbattled Russian infosec shop Kaspersky is giving US customers six months of security updates for free as a parting gift as Uncle Sam kicks the antivirus maker out of the American market. In a farewell note to US users, the […]
July 17, 2024
Via: The RegisterCosts associated with ransomware attacks on critical national infrastructure (CNI) organizations skyrocketed in the past year. According to Sophos’ latest figures, released today, the median ransom payments rose to $2.54 million – a whopping 41 times last year’s sum of […]
July 10, 2024
Via: Help Net SecurityGoogle has removed a potential obstacle for high-risk users who want to enroll in the company’s Advanced Protection Program (APP): they can now do it just by setting a passkey. Users already enrolled in APP have been provided the option […]
July 9, 2024
Via: The RegisterEvolve Bank & Trust says the data of more than 7.6 million customers was stolen during the LockBit break-in in late May, per a fresh filing with Maine’s attorney general. The filing lists the total number of persons affected (including […]
Threats & Malware, Virus & Malware
July 9, 2024
Via: The RegisterWhen it comes to surveillance malware, sophisticated spyware with complex capabilities tends to hog the limelight – for example NSO Group’s Pegasus, which is sold to established governments. But it’s actually less polished kit that you’ve never heard of, like […]
July 8, 2024
Via: The RegisterIt’s been a week of bad cyber security revelations for OpenAI, after news emerged that the startup failed to report a 2023 breach of its systems to anybody outside the organization, and that its ChatGPT app for macOS was coded […]
July 8, 2024
Via: The RegisterThe use of selfies to verify identity online is an emerging trend in some parts of the world since the pandemic forced more business to go digital. Some banks – and even governments – have begun requiring live images over […]
July 3, 2024
Via: SecureWorldOrganizations increasingly rely on global talent outsourcing to bolster their cybersecurity capabilities. By tapping into a vast pool of skilled professionals worldwide, companies can address skill shortages, optimize costs, and gain access to specialized expertise. However, this trend also introduces […]
July 2, 2024
Via: The RegisterThe number of financial institutions caught up in the ransomware attack on Evolve Bank & Trust continues to rise as fintech businesses Wise and Affirm both confirm they have been materially affected. News of Evolve being compromised by extortionists broke […]
Threats & Malware, Vulnerabilities
July 2, 2024
Via: TechRadarOpenSSH, regarded as one of the “most secure software implementations in the world” has a “glaring gap” that allows threat actors to completely take over Linux systems that have it installed, experts have warned. A report from Qualys claims the […]
July 1, 2024
Via: The RegisterGlibc-based Linux systems are vulnerable to a new bug (CVE-2024-6387) in OpenSSH’s server (sshd) and should upgrade to the latest version. Infosec researchers at Qualys published their findings today, revealing that sshd is vulnerable to a race condition that could […]
July 1, 2024
Via: The RegisterLibraries. Hushed temples to the civilizing power of knowledge, or launchpads of global destruction? Yep, another word tech has borrowed and debased. Code libraries are essential for adding just the right standard tested functionality to a project. They’re also a […]
June 26, 2024
Via: The RegisterAmerican healthcare provider Geisinger fears highly personal data on more than a million of its patients has been stolen – and claimed a former employee at a Microsoft subsidiary is the likely culprit. Geisinger on Monday announced the results of […]
Threats & Malware, Vulnerabilities
June 25, 2024
Via: The RegisterUS cybersecurity agency CISA is urging high-risk chemical facilities to secure their online accounts after someone broke into its Chemical Security Assessment Tool (CSAT) portal. CSAT is used by industry facilities that house chemicals of interest, of which there are […]