LATEST POST
FBI, European partners seize Quakbot malware network in blow to global cybercrime
U.S. officials said Tuesday that the FBI and its European partners infiltrated and seized control of a major global malware network used for more than 15 years to commit a gamut of online crimes including crippling ransomware attacks. They then remotely removed the malicious software agent — known as Qakbot — from thousands of infected […]
Texas Amends Data Breach Notification Law, Updates Effective September 1
Texas recently enacted an amendment to its data breach notification law. As of September 1, 2023, there are two changes to the requirements when notifying the Texas Attorney General. In Texas, breaches of 250 residents or more must be reported to the Attorney General. Now, as amended, this will need to be done so as soon as […]
Hackers use brute force and credential stuffing attacks on Cisco VPNs to breach networks
Hackers are targeting Cisco Adaptive Security Appliance (ASA) SSL VPNs in credential stuffing and brute-force attacks that take advantage of lapses in security defenses, such as not enforcing multi-factor authentication (MFA). Last week, BleepingComputer reported that the Akira ransomware gang was breaching Cisco VPNs for initial network access. Rapid7 security researchers have provided additional insights regarding these […]
Prospect Medical Holdings admits some confidential information was stolen in a cyberattack on Connecticut hospitals
Prospect Medical Holdings has now confirmed what already seemed clear to researchers and those who check leak sites. The threat actors did get files with personal information. Prospect Medical Holdings is confirming new details about a massive data theft from three Connecticut hospitals and others around the country in a nearly month-old cyber attack by a shadowy […]
Cyber insurance audit: Painful necessity, or a valuable opportunity?
Not that long ago, few companies even considered purchasing insurance to mitigate their financial exposure from a cyber incident, and for those that did, obtaining a policy was as easy as filling out an application and writing a check. Those days are now squarely in the rearview mirror. Today, companies everywhere are rushing to get cyber […]
MLB Hall of Famer David Ortiz reveals he is the victim of an extortion plot by hackers
Boston Red Sox legend David Ortiz has revealed that he is victim of an extortion plot by criminal network that has threatened to spill details of his personal life. The Hall of Famer posted a video to Instagram explaining that the the suspects had broken into an old cellphone, where they gained access to his […]
Prime Therapeutics/Magellan Rx discloses breach affecting BCBS of Minnesota members
Prime Therapeutics LLC / Magellan Rx has disclosed a breach that may have affected a subset of covered Blue Cross and Blue Shield of Minnesota members. According to their press release, on July 11, they became aware that an unauthorized actor obtained access to an employee’s mobile email account. That email account contained documents that included members’ personal […]
Should senior IT professionals be liable for breaches?
In July, SolarWinds CISO Tim Brown and CFO Bart Kalsu received Securities and Exchange Commission notices of potential enforcement action over alleged violation of securities laws. The issue stems from their response to the Russian hack of the Orion network monitoring software in 2020 — a product used by more than 30,000 organisations. This isn’t the first […]