LATEST POST
Chinese Ghost Hackers Hit Hospitals And Factories In America And U.K.
Forbes reports: Now, a new threat intelligence report has revealed how financially motivated Chinese cybercriminals are targeting government offices, the energy sector, factories, financial services, and, yes, hospitals across the globe. However, North America and the U.K. have been most attacked by the Ghost ransomware hackers. According to a new report from Rebecca Harpur at […]
State-sponsored hackers embrace ClickFix social engineering tactic
Bleeping Computer reports: ClickFix attacks are gaining traction among threat actors, with multiple advanced persistent threat (APT) groups from North Korea, Iran, and Russia adopting the technique in recent espionage campaigns. ClickFix is a social engineering tactic where malicious websites impersonate legitimate software or document-sharing platforms. Targets are lured via phishing or malvertising and shown […]
Breaches Within Breaches: Contractual Obligations After a Security Incident
It is important to review any contract with a vendor or business associate in terms of who will be responsible for notifying affected customers or patients of any breach. A post by Robinson + Cole discusses a lawsuit stemming from a dispute over the responsibility of a business associate following a breach. According to the […]
100,000 Americans Exposed As Hertz Warns Customers’ Names, Contact Details, Credit Card Information, Social Security Numbers Leaked in Vendor’s Data Breach
The Daily Hodl reports: A car rental giant says sensitive customer data has been exposed in a cybersecurity incident involving one of its vendors. In a notice posted on its website, Hertz says that its vendor, Cleo Communications US, witnessed a zero-day vulnerability exploit late last year that enabled thieves to siphon customer data. Notifications on various […]
The PIPC Sanctions CLASSU and KT alpha for Violations of the PIPA
South Korea’s data protection regulator issued the following press release concerning recent enforcement actions (unofficial translation follows): – The PIPC calls for putting access control and other privacy-safeguarding measures in place in preparation for credential stuffing and other intrusion attempts The Personal Information Protection Commission (PIPC) held its eighth plenary meeting of 2025 and reached […]
KiloEx Hacker Returns Entire $7.5M Four Days After Exploit
CryptoNews reports: In a surprising turn of events, the hacker behind the $7.5 million exploit of decentralized exchange KiloEx has returned the entire sum just four days after the initial attack. On April 14, KiloEx suspended its perpetual futures trading platform following a severe security breach that resulted in attackers draining $7.5 million worth of cryptocurrency assets […]
Hackers take down Taiwan’s Wan Hai Lines website
Taiwan News reports: Shipping company Wan Hai Lines’ website was taken offline by hackers on Friday and remained down as of Saturday afternoon. Wan Hai confirmed the cyberattack, though it said the incident had no significant impact on operations, per Yahoo News. The company added that no breach of internal or employee information had occurred. Wan […]
UnitedHealth Adopts Aggressive Approach to Recover Ransomware Attack Loans
The HIPAA Journal reports: UnitedHealth Group has adopted an aggressive approach to recover outstanding balances on loans issued to healthcare providers affected by the February 2024 ransomware attack on Change Healthcare. The attack caused a prolonged outage of Change Healthcare’s systems, causing massive disruption to revenue cycles as providers were unable to submit claims. Many […]