LATEST POST
Remorseless extortionists claim to have stolen thousands of files from Freedman HealthCare
The Register reports: An extortion gang claims to have breached Freedman HealthCare, a data and analytics firm whose customers include state agencies, health providers, and insurance companies, and is threatening to dump tens of thousands of sensitive files early Tuesday morning. According to a claim posted Sunday on the shame site belonging to World Leaks, […]
Abilene invests nearly $1M to boost cyber defenses, restore systems after cyberattack
KTAB/KRBC reports: The Abilene City Council has unanimously approved nearly $1 million in funding to bolster cybersecurity efforts and restore systems after a recent cyberattack knocked out several city servers. Director of Information Technology Troy Swanson addressed the council Thursday, outlining the costs and detailing the recovery process. He said the investment is aimed at […]
Over 170k Records, Including PII Exposed in Real Estate Investment and Management Data Breach
Jeremiah Fowler, discovered and reported to Website Planet about an unencrypted and non-password-protected database that contained 170,360 records with a total size of 116.24GB. Fowler reports: Fowler reports that although the data appear to belong to Income Property Investments Inc., he could not determine whether they are responsible for the data storage misconfiguration or if a vendor […]
Cyberattack on Washington Post Strikes Journalists’ Email Accounts
The Wall Street Journal reports: A cyberattack on the Washington Post compromised email accounts of several journalists and was potentially the work of a foreign government, company officials told some affected staffers in recent days, according to people familiar with the situation. Staffers were told the intrusions compromised journalists’ Microsoft accounts and could have granted the intruder […]
YES24 apologizes for ransomware attack and plans customer compensation
YES24 is a South Korean booking and entertainment ticketing service. A ransomware attack on June 9 had impact on its services, as Chosun.Biz reports: Access to the website was completely halted, along with order histories and shipping. As a result, the entertainment industry also faced repercussions, with B.I postponing his fan meeting’s pre-sale schedule, and […]
WestJet Security Advisory
On June 13, WestJet posted a notice about a cybersecurity incident. They updated it on Saturday: WestJet is aware of a cybersecurity incident involving internal systems and the WestJet app, which has restricted access for several users. We have activated specialized internal teams in cooperation with law enforcement and Transport Canada to investigate the matter […]
CISA warns of SimpleHelp ransomware compromises after string of retail attacks
The Record reports: Ransomware gangs have been exploiting a vulnerability in remote device control software SimpleHelp during a recent string of attacks, according to federal cybersecurity officials. The Cybersecurity and Infrastructure Security Agency (CISA) warned on Thursday that CVE-2024-57727 — a vulnerability affecting SimpleHelp’s widely-used remote access tools — was exploited to “compromise customers of […]
Hackers are using Google.com to deliver malware by bypassing antivirus software. Here’s how to stay safe
TechRadar reports: A new browser-based malware campaign has surfaced, demonstrating how attackers are now exploiting trusted domains like Google.com to bypass traditional antivirus defenses. A report from security researchers at c/side, this method is subtle, conditionally triggered, and difficult for both users and conventional security software to detect. It appears to originate from a legitimate OAuth-related URL, but covertly […]