HACKRead
IoT Cameras Exposed by Chainable Exploits, Millions Affected
The Internet of Things (IoT) promises a world of interconnected devices, but with this connectivity comes a dark side such as security vulnerabilities.
SecurityWeek
The hacking forum BreachForums is displaying a notice claiming that the website is under the control of the FBI.
Security Magazine
A sophisticated phishing campaign is bypassing multi-factor authentication in order to target Meta business accounts.
The Cyber Express
The ever-evolving landscape of cybersecurity is shaped by a dedicated group of individuals. These pioneers, through their research, entrepreneurship, and
CSO
The health care provider has dramatically increased its estimate of the number of patients affected by the August 2023 attack.
SecurityWeek
Singing River Health System says the personal information of roughly 900,000 individuals was stolen in an August 2023 ransomware attack.
Bleeping Computer
The Singing River Health System is warning that it is now estimating that 895,204 people are impacted by a ransomware attack it suffered in August 2023.
Infosecurity News
Comparitech said 2023 was a record year for breaches with 954 reported, up from 139 in 2022 and 783 in 2021
Ars Technica
"It’s easier to manage a team that’s happy."
CyberSecurity Dive
Overall, the nonprofit K12 Security Information Exchange backed the requirement for schools, but it asked for clarification on how the sector should report cyber incidents students initiate.
The Record
State-linked hackers from Russia, China, Iran and North Korea are setting their sights on NGOs, think tanks, human rights activists and journalists, the advisory warned.
Ars Technica
Threat group has targeted 500 organizations. One is currently struggling to cope.
Cyber Security News
Information such as financial records, customer information, and intellectual property that may be sold on the black web markets is what
SecurityWeek
The US government warns of Black Basta ransomware attacks targeting critical infrastructure organizations.
Cyber Security News
Ascension is one of the most extensive charity healthcare systems in the US. It has been hit hard by a ransomware attack.
SC Magazine
Black Basta, the gang reportedly responsible for the attack against the large health system, is described as prolific and sophisticated by federal agencies.
The Cyber Express
The ever-evolving digital landscape presents a constant challenge for businesses and individuals alike: staying secure in the face of increasingly
Bleeping Computer
After many months of taunting law enforcement and offering a million-dollar reward to anyone who could reveal his identity, the FBI and NCA have done just that, revealing the name of LockBitSupp, the operator of the LockBit ransomware operation.
Bleeping Computer
Ascension, a major U.S. healthcare network, is diverting ambulances from several hospitals due to a suspected ransomware attack that has been causing clinical operation disruptions and system outages since Wednesday.
DarkReading
The attack cut off access to electronic healthcare records (EHRs) and ordering systems, plunging the organization and its health services into chaos.
CyberSecurity Dive
The health system’s electronic health records, MyChart patient portal and several systems for ordering tests and medications are unavailable, Ascension said.
The Cyber Express
Ascension, one of the largest nonprofit healthcare systems in the United States, is facing disruptions in clinical operations due to
CyberSecurity Dive
The major nonprofit health system detected “unusual activity” on some network systems Wednesday.
CyberNews
Non-profit Ascension health systems tells business partners to disconnect from its networks after a suspected cyberattack disrupts operations at facilities across the US.
The Record
Deputy National Security Advisor Anne Neuberger said the incident is an example of the need for more to be done to protect critical infrastructure.
SC Magazine
Large Catholic nonprofit hired Mandiant to investigate what’s now an unspecified cybersecurity incident that has reportedly forced hospitals in at least Maryland, Michigan, Kansas, and Wisconsin to shut down its systems.
The Record
LockBitSupp, head of the LockBit cybercrime operation, tells the Click Here podcast team that he is not Russian national Dmitry Khoroshev, as claimed by the U.S., U.K. and Australia.
Bleeping Computer
Ascension, one of the largest private healthcare systems in the United States, has taken some of its systems offline to investigate what it describes as a "cyber security event."
Infosecurity News
The findings come from Apricorn, based on annual Freedom of Information (FOI) responses from 2023
Infosecurity News
New IANS Research data finds many tech CISOs are concerned about their compensation as salaries stagnate
The Cyber Express
Brandywine Realty Trust issued a recent filing to the US Securities And Exchange Commission (SEC), where it confirmed that an
The Record
The former U.S. Cyber Command and National Security Agency chief will be the founding director of a national security-focused hub at the Nashville-based campus.
The Record
The nonprofit health provider published a notice saying it discovered unusual activity on network systems and immediately began an investigation.
CyberNews
TikTok and Chinese parent company ByteDance filed suit in US federal court seeking to block a law that would force the company to divest from TikTok or face a ban.
CyberNews
The leadership identity of the LockBit ransomware group is unveiled by the US Department of Justice (DoJ), UK’s National Crime Agency (NCA), and Europol.
The Hacker News
MITRE, a renowned research firm, has revealed alarming details about a recent cyber attack that dates back to late 2023.
HACKRead
A massive data leak of 820,000 Dominican Republic individuals' PII on Breach Forums, including their COVID-19 vaccination status, has been identified by Resecurity.
SecurityWeek
As cyber threats grow more sophisticated, America can't afford complacency. The time for decisive action and enhanced cyber resilience is now.
SecurityWeek
MITRE has shared more details on the recent hack, including the new malware and a timeline of the attacker’s activities.
The Record
“It's very difficult to dismantle large organizations like this," said Brett Leatherman, deputy assistant director of the FBI’s cyber division.
Bleeping Computer
The NCA, FBI, and Europol have revived a seized LockBit ransomware data leak site to hint at new information being revealed by law enforcement this Tuesday.
The Cyber Express
The digital world continues to spin at breakneck speed, and this week's TCE Cyberwatch brings you the latest updates on
Ars Technica
"One of the largest counterfeit-trafficking operations ever."
Cyber Security News
Onur Aksoy, a forty-year-old resident of Florida and dual citizen of Turkey and the United States, was found guilty of running a large
Bleeping Computer
Onur Aksoy, the CEO of a group of companies controlling multiple online storefronts, was sentenced to six and a half years in prison for selling $100 million worth of counterfeit Cisco network equipment to government, health, education, and military organizations worldwide.
The Cyber Express
Over a million Australians who frequented pubs and clubs have likely had their critical information exposed in Outabox data breach,
DarkReading
Unmanaged and unknown Web services endpoints are just some of the challenges organizations must address to improve API security.
Infosecurity News
New report from Netwrix reveals unplanned expenses impact half of breached firms, including a surge in lawsuits
Ars Technica
145,152-core supercomputer was 20th most powerful in the world in 2016.
DarkReading
USBs have something the newest, hottest attack techniques lack: the ability to bridge air gaps.
Infosecurity News
Sophos found that the average ransom payment was $2m in 2023, with 63% of ransom demands $1m or more
The Cyber Express
The LockBit ransomware group has allegedly claimed responsibility for an earlier Cannes Hospital cyberattack impacting the Cannes Simone Veil Hospital
The Record
Aleksanteri Kivimäki, formerly known by the first name Julius and the hacker handle Zeekill, was convicted on all charges relating to the hack of Helsinki-based Vastaamo.
DarkReading
Okta warns users that the attack requests are made through an anonymizing service like Tor or various commercial proxy networks.
Ars Technica
Credential-stuffing attack uses proxies to hide bad behavior.
SecurityWeek
History of TikTok and how many view it as a national security threat based on connections to China.
SecurityWeek
Okta warns of an increase in credential stuffing attacks leveraging anonymizing services such as DataImpulse, Luminati, and NSocks.
Infosecurity News
Okta has issued customers with new advice on how to block mounting credential stuffing attacks
CyberSecurity Dive
Regulators have been pursuing more enforcement actions against health applications sharing consumers’ data. Friday’s final rule should give those actions more heft.
Security Affairs
Los Angeles County Department of Health Services reported a data breach that exposed thousands of patients' personal and health information.
Security Affairs
Multiple flaws in the Brocade SANnav storage area network (SAN) management application can allow the compromise of impacted appliances.
Security Affairs
Identity and access management services provider Okta warned of a spike in credential stuffing attacks aimed at online services.
The Hacker News
Okta is sounding the alarm on an unprecedented spike in credential stuffing attacks targeting online services.
SecurityWeek
More than 1,400 CrushFTP servers remain vulnerable to an actively exploited zero-day for which PoC has been published.
SecurityWeek
Noteworthy stories that might have slipped under the radar: Volkswagen hacked by Chinese threat group, DDoS service shut down, Rubrik IPO.
The Cyber Express
American private equity firm Thoma Bravo has inked an agreement to acquire British cybersecurity giant Darktrace for $4.6bn. This all-cash
Security Affairs
Over 1,400 CrushFTP internet-facing servers are vulnerable to attacks exploiting recently disclosed CVE-2024-4040 vulnerability.
Security Affairs
CISA adds Cisco ASA and FTD and CrushFTP VFS vulnerabilities to its Known Exploited Vulnerabilities catalog.
Bleeping Computer
The L.A. County's Department of Health Services, the second-largest public health care system in the United States, disclosed a data breach after patients' personal and health information was exposed in a data breach resulting from a recent phishing attack impacting over two dozen employees.
Bleeping Computer
The Los Angeles County Department of Health Services disclosed a data breach after thousands of patients' personal and health information was exposed in a data breach resulting from a recent phishing attack impacting over two dozen employees.
Bleeping Computer
Reddit is investigating a major outage blocking users worldwide from accessing the social network's websites and mobile apps.
SecurityWeek
Predictive attack intelligence and risk protection startup BforeAI has raised $15 million in a Series A funding round led by SYN Ventures.
Infosecurity News
A new ISC2 study highlights the lack of diversity in cybersecurity with only 4% of teams having a majority of women, while 11% have none at all
Infosecurity News
Email-borne fraud accounted for more insurance claims than any other category in 2023, says Coalition
SecurityWeek
Cisco Systems joined Microsoft and IBM in signing onto a Vatican-sponsored pledge to ensure AI is developed and used ethically.
SC Magazine
Security pros say given the complexity of SAN management tools, it’s understandable the patches took so long.
Bleeping Computer
Proof-of-concept exploit code has been released for a top-severity security vulnerability in Progress Flowmon, a tool for monitoring network performance and visibility.
DarkReading
An exploit for the vulnerability allows attackers to escape a virtual file system sandbox to download system files and potentially achieve RCE.
Infosecurity News
The proximity of organizations’ headquarters, like Asda’s and NHS England’s, prompted BlueVoyant to choose Leeds as the location for its first UK SOC
Cyber Security News
Proton’s Dark Web Monitoring operates by scanning various hubs on the dark web, such as hacking forums and marketplaces.
SecurityWeek
The LockBit ransomware gang leaks 1 Gb of data allegedly stolen from government contractor Tyler Technologies.
Security Affairs
A cyber attack has been disrupting operations at Synlab Italy, a leading provider of medical diagnosis services, since April 18.
DarkReading
Malaysia, Singapore, and Ghana are among first countries to mandate licenses for cybersecurity firms to do business, but concerns remain.
SecurityWeek
CrushFTP patches a zero-day vulnerability allowing unauthenticated attackers to escape the VFS and retrieve system files.
Infosecurity News
CrushFTP is urging customers to download v11 of its file transfer platform, with attackers actively exploiting a vulnerability that allows them to download system files
SecurityWeek
Shadowserver has identified roughly 6,000 internet-accessible Palo Alto Networks firewalls potentially vulnerable to CVE-2024-3400.
The Cyber Express
A dark web user has allegedly claimed a breach involving Luxor International Private Limited, a prominent Indian manufacturer of stationery
The Cyber Express
India is currently hosting its general elections, spanning from April 19 to June 1, 2024, across seven phases to elect
The Record
Two of the biggest cybersecurity incidents in 2023 revolved around zero-day vulnerabilities in file transfer tools.
The Record
The rules will bar doctors, insurers and other health-care groups from making health information available to state officials investigating, prosecuting, or filing a lawsuit against a patient or provider.
SC Magazine
The alleged creator of the phishing-as-a-service malware was among those apprehended in the international operation.
Security Affairs
Threat actors exploited a critical zero-day vulnerability in the CrushFTP enterprise in targeted attacks, CrowdStrike experts warn.
The Cyber Express
The MITRE Corporation revealed on April 19 that it was one of over 1700 organizations compromised by a state-backed hacking
The Hacker News
A critical vulnerability (CVE-2024-3400) in Palo Alto Networks PAN-OS is being actively exploited by threat actors.
Bleeping Computer
The MITRE Corporation says a state-backed hacking group breached its systems in January 2024 by chaining two Ivanti VPN zero-days.
Security Affairs
An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost.
DarkReading
Industry leaders aim to solve the threat to both the mental health of workers and security of organizations with solutions that recognize the enormous pressures facing cybersecurity professionals.
SecurityWeek
LabHost, a major phishing-as-a-service platform, has been shut down as part of a major law enforcement operation.
The Hacker News
An international law enforcement operation has busted LabHost, a notorious cybercrime service used for phishing attacks.
Bleeping Computer
The LabHost phishing-as-a-service (PhaaS) platform has been disrupted in a year-long global law enforcement operation that compromised the infrastructure and arrested 37 suspects, among them the original developer.