Cisco should have a bit of a professional red face or black eye this week after hackers leaked data acquired from them due, in part, to a mistake. Cybersecurity News reports: The notorious hacker IntelBroker has leaked 2.9GB of data allegedly stolen from Cisco’s DevHub environment. This partial leak, disclosed on December 16, 2024, is […]
Another major US hospital system recently suffered a cyberattack. Bleeping Computer reported: The Texas Tech University Health Sciences Center and its El Paso counterpart suffered a cyberattack that disrupted computer systems and applications, potentially exposing the data of 1.4 million patients. The organization is a public, academic health institution that is part of the Texas Tech […]
Deloitte has been getting its name in the news this month, but not in a good way. First, a ransomware group named “Brain Cipher” claimed to have attacked Deloitte UK. Deloitte responded to their claims by denying that their network was breached and stating that the breach involved a single client’s system that is not […]
There is an update to the reports of a Cleo file transfer vulnerability being exploited by hackers. Bleeping Computer reports that the same actors who were responsible for the massive MoveIT breach have also claimed responsibility for the Cleo breach: The Clop ransomware gang has confirmed to BleepingComputer that they are behind the recent Cleo […]
Here we go again: threat actors are taking advantage of vulnerabilities in file transfer products. This time it is Cleo file transfer products. The Record reports: Cybersecurity researchers are warning that vulnerabilities in several file transfer products are being exploited by hackers, even after a patch was released by the developer. The vulnerability — CVE-2024-50623 — was […]
The U.S. Treasury Department has sanctioned Chinese cybersecurity company Sichuan Silence and one of its employees for their involvement in a series of Ragnarok ransomware attacks targeting U.S. critical infrastructure companies and many other victims worldwide in April 2020. BleepingComputer reports: According to the Department’s Office of Foreign Assets Control (OFAC), Sichuan Silence is a […]
New York State Attorney General Letitia James announced another data security enforcement settlement yesterday. HIPAA Journal writes: A New York healthcare provider that experienced a breach of the personal and protected health information of 242,641 New Yorkers has been ordered to pay a financial penalty of $550,000 and take steps to strengthen its data security […]
Security Affairs reports that the ransomware group known as “8Base” claims to have attacked Croatia’s Port of Rijeka and to have stolen data. The CEO of the port, Duško Grabovac, told news outlet Novi list that despite threats actors stole some data, the incident had no impact on the operations at the post and that they will […]
SC Media reports that Chemonics International, a major contractor for the U.S. Agency for International Development (USAID) has provided notice of a months-long breach that began in May 2023. The unauthorized intrusion and data access reportedly affected 263,136 people. The intrusion was first detected on December 15, 2023, but the intrusion was not successfully terminated […]
