Bloomberg Law reports: Pilfered snapshots of patients baring their bodies ahead of life-saving cancer operations and plastic surgeries are unexpectedly landing in the vast landscape of the public internet after cyberattacks, as hackers seek new ways to turn a profit. Campaigns to extort victims during ransomware attacks against health-care providers are evolving, according to lawsuits […]
The Herald Sun reports: Medibank has thanked the Albanese government for pursuing the Russian hacker behind Australia’s worst cyber attack, although a leading IT security expert warns it is unlikely to deter further data breaches. The government named Russian man Aleksandr Ermakov as the perpetrator of the October 2022 Medibank data breach, imposing new sanctions on the […]
Jeremy Fowler reports: Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to vpnMentor about a non-password protected database that contained nearly 1.3 million records, which included COVID-19 testing information and personally identifiable information such as the patient’s name, date of birth, and passport number. The publicly exposed database contained an estimated 1.3 million records that included 118,441 certificates, […]
Ars Technica reports: Read more at Ars Technica.
ITPro reports: Nearly half of workers responsible for email security breaches over the last year have been sacked, according to new search, as cyber leaders begin taking a tougher stance amid a surge in attacks. Research from cyber security firm Egress found that 94% of organizations globally have experienced a serious email security incident in […]
Tip Ranks reports: V.F. Corp., the name behind brands such as The North Face, Timberland, Dickies, and Vans, announced that a cyber incident in December resulted in the data breach of nearly 35.5 million customers. Last month, the cyber incident hampered VFC’s order fulfillment on its eCommerce portal. At the time, the company expected the […]
In its The State of Ransomware in the U.S. report for 2023, Emsisoft opined that the only solution to the ransomware crisis is to completely ban ransomware payments. That recommendation has generated some discussion, and now Becker’s has also reached out to health system CISOs to get their reaction to the recommendation. The majority’s opinion […]
Today’s General Counsel reports: Genetic testing company 23andMe, which is facing more than 30 lawsuits from the victims of a massive data breach, is claiming that the victims themselves are to blame for the loss of their own data, TechCrunch reports. In a letter to hundreds of 23andMe users suing the company, 23andMe said the victims “negligently […]
Bleeping Computer reports: Today, CISA ordered U.S. federal agencies to secure their systems against three recently patched Citrix NetScaler and Google Chrome zero-days actively exploited in attacks, pushing for a Citrix RCE bug to be patched within a week. The cybersecurity agency added the flaws to its Known Exploited Vulnerabilities Catalog today, saying that such vulnerabilities are “frequent attack […]
SEC Confirms Cyberattack on X Account via SIM-Swapping
The Cyber Express reports: The U.S. Securities and Exchange Commission (SEC) has officially confirmed a cyberattack on its X account, revealing that the breach was a result of a SIM-swapping attack on the cell phone number associated with the account. The incident of the SEC X account hacked, which occurred on January 9, 2024, initially involved […]