Tag: Featured

July 25, 2024

The National Community Pharmacists Association (NCPA) and more than three dozen healthcare providers from 22 U.S. states have filed a lawsuit against Change Healthcare, Optum, and UnitedHealth Group. The lawsuit stems from the catastrophic ransomware attack and subsequent data breach […]

July 25, 2024

KnowBe4, a cybersecurity company specializing in awareness training and simulated phishing, recently disclosed an attempted infiltration by a North Korean operative posing as a software engineer. This incident sheds light on the evolving tactics of state-sponsored threat actors and underscores […]

July 24, 2024

A threat actor known by their alias ‘emo’ has posted the entire BreachForums v1 database, generated through late 2022, on Telegram, reportedly with the aim of allowing users to fix the holes in their OPSEC (operational security). As reported by […]

July 24, 2024

There have been so many hot takes about the CrowdStrike disaster that I don’t feel any need to add mine. But when you see what Delta Airlines is *still* doing to passengers some five days after this one piece of […]

July 18, 2024

Prolific Russian cybercrime syndicate FIN7 is using various pseudonyms to sell its custom security solution-disabling malware to different ransomware gangs. AvNeutralizer malware was previously thought to be solely linked to the Black Basta group, but fresh research has uncovered various […]

July 18, 2024

Cyber security workers only review major updates to software applications only 54 percent of the time, according to a poll of tech managers. That figure comes from CrowdStrike, which recently published [PDF] its 2024 State of Application Security Report. It’s […]

July 17, 2024

Embattled Russian infosec shop Kaspersky is giving US customers six months of security updates for free as a parting gift as Uncle Sam kicks the antivirus maker out of the American market. In a farewell note to US users, the […]

July 17, 2024

Costs associated with ransomware attacks on critical national infrastructure (CNI) organizations skyrocketed in the past year. According to Sophos’ latest figures, released today, the median ransom payments rose to $2.54 million – a whopping 41 times last year’s sum of […]

July 10, 2024

Google has removed a potential obstacle for high-risk users who want to enroll in the company’s Advanced Protection Program (APP): they can now do it just by setting a passkey. Users already enrolled in APP have been provided the option […]

July 9, 2024

Evolve Bank & Trust says the data of more than 7.6 million customers was stolen during the LockBit break-in in late May, per a fresh filing with Maine’s attorney general. The filing lists the total number of persons affected (including […]

July 9, 2024

When it comes to surveillance malware, sophisticated spyware with complex capabilities tends to hog the limelight – for example NSO Group’s Pegasus, which is sold to established governments. But it’s actually less polished kit that you’ve never heard of, like […]

July 8, 2024

It’s been a week of bad cyber security revelations for OpenAI, after news emerged that the startup failed to report a 2023 breach of its systems to anybody outside the organization, and that its ChatGPT app for macOS was coded […]

July 8, 2024

The use of selfies to verify identity online is an emerging trend in some parts of the world since the pandemic forced more business to go digital. Some banks – and even governments – have begun requiring live images over […]

July 3, 2024

Organizations increasingly rely on global talent outsourcing to bolster their cybersecurity capabilities. By tapping into a vast pool of skilled professionals worldwide, companies can address skill shortages, optimize costs, and gain access to specialized expertise. However, this trend also introduces […]

July 2, 2024

The number of financial institutions caught up in the ransomware attack on Evolve Bank & Trust continues to rise as fintech businesses Wise and Affirm both confirm they have been materially affected. News of Evolve being compromised by extortionists broke […]

July 2, 2024

OpenSSH, regarded as one of the “most secure software implementations in the world” has a “glaring gap” that allows threat actors to completely take over Linux systems that have it installed, experts have warned. A report from Qualys claims the […]

July 1, 2024

Glibc-based Linux systems are vulnerable to a new bug (CVE-2024-6387) in OpenSSH’s server (sshd) and should upgrade to the latest version. Infosec researchers at Qualys published their findings today, revealing that sshd is vulnerable to a race condition that could […]

July 1, 2024

Libraries. Hushed temples to the civilizing power of knowledge, or launchpads of global destruction? Yep, another word tech has borrowed and debased. Code libraries are essential for adding just the right standard tested functionality to a project. They’re also a […]

June 26, 2024

American healthcare provider Geisinger fears highly personal data on more than a million of its patients has been stolen – and claimed a former employee at a Microsoft subsidiary is the likely culprit. Geisinger on Monday announced the results of […]

June 25, 2024

US cybersecurity agency CISA is urging high-risk chemical facilities to secure their online accounts after someone broke into its Chemical Security Assessment Tool (CSAT) portal. CSAT is used by industry facilities that house chemicals of interest, of which there are […]