Reuters reports: Ukraine’s biggest mobile network operator, Kyivstar, was hit on Tuesday by what appeared to be the biggest cyber attack of the war with Russia so far, knocking out mobile and internet services for millions. Kyivstar has 24.3 million mobile subscribers – more than half of Ukraine’s population – as well as over 1.1 […]
Infosecurity Magazine reports: Proofpoint has warned recruiters of a skilled threat actor targeting them with emails designed to deploy malware. TA4557 is a financially motivated threat actor known to distribute the More_Eggs backdoor, which is designed to establish persistence, profile the targeted machine and drop additional payloads. Throughout 2022 and most of 2023 the actor has […]
SiliconAngle reports: Cisco Systems Inc.’s Talos Intelligence unit posted today new findings about the North Korean hacking group called Lazarus that outline new ways it’s targeting attacks. “We have observed Lazarus target companies in the manufacturing, agricultural and physical security sectors,” their analysts wrote in the post. The group has been around since 2010 and was responsible most recently […]
Dark Reading reports the findings of an Apple-commissioned study supports the adoption of end-to-end encryption to protect sensitive data from theft or misuse: In 2021 and 2022, data breaches exposed a staggering 2.6 billion personal records — some 1.5 billion of them last year alone. That number will likely be even higher in 2023 if […]
You have a massive data breach from a credential stuffing attack that affects millions of users’ sensitive genetic information, and then you change your terms of service to make it harder for people to sue you in the event of a data breach? How will that go over with the public and potential users? Bleeping […]
DataBreaches.net reports that RedSense has confirmed that the disappearance of AlphV’s (BlackCat’s) leak site on the dark web yesterday was due to law enforcement action. Law enforcement has not issued any press release as yet. Read more at DataBreaches.net.
The HIPAA Journal reports: In late September 2023, Indiana Attorney General Todd Rokita filed a lawsuit against CarePointe ENT over a ransomware attack and data breach that affected 48,742 individuals. A settlement has been reached that will see CarePointe pay $125,000 to resolve alleged violations of the Health Insurance Portability and Accountability (HIPAA) Act and […]
CBS reports: Russia-based hackers conducted a sophisticated cyber campaign against American intelligence officials, including contractors at the State and Defense Departments, as part of an international operation that included NATO members and Ukraine, the Justice Department alleged Thursday. Prosecutors accused an officer in Russia’s Federal Security Service (FSB) and another co-defendant of carrying out a […]
CBIZ KA is a third-party vendor for Prime Healthcare that was affected by the MOVEit breach. They have issued the following notice: CBIZ KA, a third-party vendor for Prime Healthcare (Prime), discovered a security incident involving CBIZ’s use of MOVEit Transfer software, which has recently reported a security vulnerability. Prime takes the responsibility of safeguarding […]
TechCrunch reports: housands of exposed servers are spilling the medical records and personal health information of millions of patients due to security weaknesses in a decades-old industry standard designed for storing and sharing medical images, researchers have warned. This standard, known as Digital Imaging and Communications in Medicine, or DICOM for short, is the internationally recognized […]
