July 25, 2024
Via: SecurityWeekThe National Community Pharmacists Association (NCPA) and more than three dozen healthcare providers from 22 U.S. states have filed a lawsuit against Change Healthcare, Optum, and UnitedHealth Group. The lawsuit stems from the catastrophic ransomware attack and subsequent data breach […]
Threats & Malware, Virus & Malware
July 25, 2024
Via: SecureWorldKnowBe4, a cybersecurity company specializing in awareness training and simulated phishing, recently disclosed an attempted infiltration by a North Korean operative posing as a software engineer. This incident sheds light on the evolving tactics of state-sponsored threat actors and underscores […]
July 24, 2024
Via: TechRadarA threat actor known by their alias ‘emo’ has posted the entire BreachForums v1 database, generated through late 2022, on Telegram, reportedly with the aim of allowing users to fix the holes in their OPSEC (operational security). As reported by […]
Application security, Security
July 18, 2024
Via: The RegisterCyber security workers only review major updates to software applications only 54 percent of the time, according to a poll of tech managers. That figure comes from CrowdStrike, which recently published [PDF] its 2024 State of Application Security Report. It’s […]
Application security, Security
July 17, 2024
Via: The RegisterEmbattled Russian infosec shop Kaspersky is giving US customers six months of security updates for free as a parting gift as Uncle Sam kicks the antivirus maker out of the American market. In a farewell note to US users, the […]
July 17, 2024
Via: The RegisterCosts associated with ransomware attacks on critical national infrastructure (CNI) organizations skyrocketed in the past year. According to Sophos’ latest figures, released today, the median ransom payments rose to $2.54 million – a whopping 41 times last year’s sum of […]
July 9, 2024
Via: The RegisterEvolve Bank & Trust says the data of more than 7.6 million customers was stolen during the LockBit break-in in late May, per a fresh filing with Maine’s attorney general. The filing lists the total number of persons affected (including […]
July 8, 2024
Via: The RegisterThe use of selfies to verify identity online is an emerging trend in some parts of the world since the pandemic forced more business to go digital. Some banks – and even governments – have begun requiring live images over […]
Threats & Malware, Vulnerabilities
July 5, 2024
Via: The RegisterKeen meatheads better hope they haven’t angered any cybersecurity folk before allowing their Traeger grills to update because a new high-severity vulnerability could be used for all kinds of high jinks. With summer in full swing in the northern hemisphere, […]
July 2, 2024
Via: The RegisterThe number of financial institutions caught up in the ransomware attack on Evolve Bank & Trust continues to rise as fintech businesses Wise and Affirm both confirm they have been materially affected. News of Evolve being compromised by extortionists broke […]
July 1, 2024
Via: The RegisterGlibc-based Linux systems are vulnerable to a new bug (CVE-2024-6387) in OpenSSH’s server (sshd) and should upgrade to the latest version. Infosec researchers at Qualys published their findings today, revealing that sshd is vulnerable to a race condition that could […]
June 28, 2024
Via: Camila MendesWith a hefty settlement fee of $49.5 million, Blackbaud’s cybersecurity nightmare has come to an end. In a damning finding, the Federal Trade Commission concluded that Blackbaud’s “lax security” is what enabled the threat actors to gain access to sensitive […]
June 26, 2024
Via: The RegisterAmerican healthcare provider Geisinger fears highly personal data on more than a million of its patients has been stolen – and claimed a former employee at a Microsoft subsidiary is the likely culprit. Geisinger on Monday announced the results of […]
Threats & Malware, Vulnerabilities
June 26, 2024
Via: The RegisterThought last year’s MOVEit hellscape was well and truly behind you? Unlucky, buster. We’re back for round two after Progress Software lifted the lid on fresh vulnerabilities affecting MOVEit Transfer and Gateway. Progress Software initially contacted users on June 13 […]
Threats & Malware, Vulnerabilities
June 25, 2024
Via: The RegisterUS cybersecurity agency CISA is urging high-risk chemical facilities to secure their online accounts after someone broke into its Chemical Security Assessment Tool (CSAT) portal. CSAT is used by industry facilities that house chemicals of interest, of which there are […]
Threats & Malware, Virus & Malware
June 21, 2024
Via: The RegisterThe vendor behind the software on which nearly 15,000 car dealerships across the US rely says an ongoing “cyber incident” has forced it to pull systems offline for a second time in as many days. CDK Global first shut down […]
June 20, 2024
Via: The RegisterA fresh report into the Nobelium offensive cyber crew published by France’s computer emergency response team (CERT-FR) highlights the group’s latest tricks as the country prepares for a major election and to host this year’s Olympic and Paralympic Games. Most […]
Threats & Malware, Vulnerabilities
June 19, 2024
Via: TechRadarSecurity researchers recently claimed to have found a flaw that could allow threat actors to spoof Microsoft corporate emails. A cybersecurity researcher with the alias Slonser (full name Vsevolod Kokorin, according to TechCrunch) recently posted on X with a telling […]
June 10, 2024
Via: The RegisterAuction house to the wealthy Christie’s says 45,798 people were affected by its recent cyberattack and resulting data theft. That’s according to public filings made with US state attorneys general on Friday, which also included template letters that are being […]
June 7, 2024
Via: Help Net Security26% of organizations don’t provide IT security training to end-users, according to Hornetsecurity. The Hornetsecurity survey, which compiled feedback from industry professionals worldwide, also reveals that 8% of organizations offer adaptive training that evolves based on the results of regular […]