LATEST POST
HealthAlliance of Hudson Valley Pays $550,000 to NYS; Failed to Address a Known Cybersecurity Vulnerability
New York State Attorney General Letitia James announced another data security enforcement settlement yesterday. HIPAA Journal writes: A New York healthcare provider that experienced a breach of the personal and protected health information of 242,641 New Yorkers has been ordered to pay a financial penalty of $550,000 and take steps to strengthen its data security […]
Croatia’s Port of Rijeka hacked by 8Base Ransomware Group
Security Affairs reports that the ransomware group known as “8Base” claims to have attacked Croatia’s Port of Rijeka and to have stolen data. The CEO of the port, Duško Grabovac, told news outlet Novi list that despite threats actors stole some data, the incident had no impact on the operations at the post and that they will […]
Chemonics discloses months-long breach affecting more than 263,000 people
SC Media reports that Chemonics International, a major contractor for the U.S. Agency for International Development (USAID) has provided notice of a months-long breach that began in May 2023. The unauthorized intrusion and data access reportedly affected 263,136 people. The intrusion was first detected on December 15, 2023, but the intrusion was not successfully terminated […]
Deloitte UK Hacked – Brain Cipher Group Claim to Have Stolen 1 TB of Data
GBHackers reports that threat actors known as Brain Cipher have claimed to have breached Deloitte UK and exfiltrated over 1 terabyte of sensitive data. According to statements released by Brain Cipher, they have exploited critical weaknesses within Deloitte UK’s cybersecurity infrastructure. The group has promised to unveil detailed information regarding the breach Read more at […]
Chinese hack of global telecom providers is ‘ongoing,’ officials urge people to use encrypted apps to communicate
The U.S. may not have totally kicked China-affiliated Salt Typhoon out of U.S. telecommunication systems, a new publication by CISA explains. Politico reports that CISA and the FBI are advising people to use encrypted communications: Jeff Greene, [executive assistant director of cybersecurity at the Cybersecurity and Infrastructure Security Agency], strongly urged Americans to “use your […]
Six password takeaways from the updated NIST cybersecurity framework
Specops Software has some useful advice to share and some of it may be surprising, Password security is changing — and updated guidelines from the National Institute of Standards and Technology (NIST) reject outdated practices in favor of more effective protections. Don’t have time to read the 35,000-word guidelines? No problem. Here are the six takeaways from NIST’s new […]
Uganda confirms hack of central bank accounts, official downplays extent of loss
On November 28, Reuters reported: A senior official at Uganda’s finance ministry confirmed that accounts in the country’s central bank had been hacked but he downplayed the extent of the losses. The Bank of Uganda had said late on Thursday it was awaiting a police investigation into a news report that offshore hackers stole 62 […]
Wanted Russian Hacker Linked to Hive and LockBit Ransomware Arrested
The Hacker News reports that a notorious Russian cybercriminal wanted in the U.S. in connection with LockBit and Hive ransomware operations has been arrested: According to a news report from Russian media outlet RIA Novosti, Mikhail Pavlovich Matveev has been accused of developing a malicious program designed to encrypt files and seek ransom in return for a […]