Data Breach Today

APRIL 16, 2024

Financially Motivated Threat Group Embeds Malicious Code in Images Financially motivated hackers are using the oldie-but-goodie technique of hiding malicious code in digital images to target businesses in Latin America, say security researchers. One image containing a PowerShell script results in Agent Tesla being loaded on the victim computer.

Security 190

Security 190

Data Breach Today

APRIL 16, 2024

Parent Company UHG Is a No-Show at Hearing & Faces Data Leak, Attack Costs of $1.6B The aftershocks of the Change Healthcare cyberattack are still reverberating through the healthcare sector nearly 60 days into the recovery process. But on Tuesday, members of Congress and industry experts grappled with how to avoid a future replay - minus a key witness: UnitedHealth Group.

167

167

Data Breach Today

APRIL 16, 2024

Only 8.35% of Windows Users Had Migrated to Windows 11 by May 2023 Microsoft announced in December that support for Windows 10 will end when the OS reaches end of life in October 2025, yet enterprise adoption of Windows 11 is moving slowly. Enterprise leaders believe migrating to the new OS will lead to compatibility issues and increase costs to upgrade devices.

Risk 157

Risk Security 157

Data Breach Today

APRIL 16, 2024

Fresh Social Engineering Attacks Resemble Tactics Used Against XZ Utils Maintainer Major open-source software projects are warning that more pieces of code than XZ Utils may have been backdoored by attackers, based on ongoing supply-chain attack attempts that have targeted "popular JavaScript projects," apparently seeking to trick them into sharing code maintainer rights.

176

176

Data Breach Today

APRIL 16, 2024

New Program Pairs Universities and Students With Small, Resource-Poor Organizations A new initiative in the U.S. is pairing college students with university researchers to strengthen cybersecurity defenses for resource-poor organizations and small businesses. The program serves as both an educational platform and a way for students to gain practical field experience.

Cybersecurity 157

Cybersecurity Education 157

Data Breach Today

MARCH 11, 2024

CEO Hock Tan: Joining Carbon Black, Symantec Generates More Value for Shareholders Months after declaring "Carbon Black is Back," the endpoint security unit was gobbled up by Broadcom and folded into its Symantec security team. "We would generate more value to our shareholders by taking Carbon Black - which is not that big - and integrating it into Symantec," CEO Hock Tan said.

Sales 297

Sales Security IT 297

Data Breach Today

MARCH 1, 2024

Also: Addressing Scotland's Cybercrime Surge; NOC and SOC Convergence In the latest weekly update, ISMG editors discussed the convergence of the NOC and SOC functions, Scottish Police efforts to address the escalating challenge of cybercrime in Scotland, and why OpenAI is pushing to dismiss certain aspects of The New York Times lawsuit.

277

277

Data Breach Today

MARCH 1, 2024

Calls Grow to Block Browser-Based Password Storage as Malware Comes Calling Saving passwords in browser-based password managers or via "remember my details" website options might make for simple and fast log-ins for employees, but they also give attackers an easy way to lift legitimate credentials, oftentimes via highly automated, information-stealing malware, experts warn.

Passwords 332

Passwords 332

Data Breach Today

FEBRUARY 21, 2024

Customer Accounts Were Secured by MFA, But Contractor's Credentials Exposed Data Australian telecom company Tangerine is blaming the compromise of a third-party contractor's credentials for exposing personal information of 232,000 customers, which had been stored in a legacy database. The breach exposed customers' names, birthdates, mobile numbers, addresses and account numbers.

Security 225

Security 225

Data Breach Today

FEBRUARY 21, 2024

US Coast Guard Will Publish Proposed Rule Establishing Cybersecurity Minimums U.S. President Joe Biden is set Wednesday to sign an executive order aimed at bolstering cybersecurity in maritime ports, including a directive for the Coast Guard to develop minimum cybersecurity standards for the marine transportation system.

Cybersecurity 235

Cybersecurity 235

Data Breach Today

FEBRUARY 21, 2024

3 Suspects Charged With Using Sugar Ransomware, Phishing Attacks Against Russians Russian authorities have reportedly arrested three accused members of the SugarLocker ransomware-as-a-service operation. Their alleged crime? Targeting Russians, although one suspect has also been tied to a massive hack of Australian health insurer Medibank and subsequent data leak.

Insurance 271

Insurance Ransomware Phishing 271

Data Breach Today

FEBRUARY 1, 2024

What Will 2024 Be Like If the Healthcare Sector Doesn't Step Up? Thanks to the massive Anthem hack, for nearly a decade 2015 has been the record year for U.S. health data breaches - with 112.5 million people affected. But 2023 shattered that record, big-time. Will 2024 be another banner year for health data compromises?

Data breaches 266

Data breaches 266

Data Breach Today

FEBRUARY 1, 2024

Also: Cloudflare Was Hacked With Stolen Okta Token This week, former CIA programmer gets 40-year sentence, zero trust prevents widespread damage, possible ransomware attack in Georgia, alleged hacker detained in Ukraine, USB-spread malware in Italy, LockBit attack on non-bank home mortgage lender, and Ukrainian critical infrastructure disrupted.

Ransomware 303

Ransomware 303

Data Breach Today

JANUARY 23, 2024

British Lawmakers Call on Government to Boost Protections From AI Scams Generative artificial intelligence-enabled ransomware and nation-state hacks in the United Kingdom are "almost certainly" likely to surge after this year, the National Cyber Security Center warned. And British lawmakers called on the government to roll out measures to prevent AI scams.

Artificial Intelligence 279

Artificial Intelligence Ransomware Government Security 279

Data Breach Today

JANUARY 23, 2024

Study Looks at Impact of AI on Tasks Requiring Visual Processing Artificial intelligence may not steal our jobs just yet, but only because humans are currently cheaper to employ. Many of the human jobs that could be replaced with AI are not "economically beneficial" to automate - at least for now - say researchers at MIT.

Artificial Intelligence 268

Artificial Intelligence 268

Data Breach Today

JANUARY 23, 2024

US Cyber Agency Director Is Latest High-Profile Target of Dangerous Swatting Attack The director of the U.S. Cybersecurity and Infrastructure Security Agency confirmed she was the apparent target of a swatting attack in which police responded to false calls of a shooting at her Virginia residence on Dec. 30, 2023. In a statement, Easterly described the experience as "harrowing.

Cybersecurity 268

Cybersecurity Security 268

Data Breach Today

JANUARY 23, 2024

Researcher Reported Configuration Issue to Cloud Vendor After Lab Failed to Respond An unsecured database appearing to belong to a Netherlands-based medical laboratory exposed 1.3 million records on the internet, including COVID test results and other personal identifiable information, said a security researcher who discovered the trove and reported his findings to the company.

Cloud 293

Cloud Security 293

Data Breach Today

NOVEMBER 30, 2023

Agencies Face Array of Implementation Challenges While Racing Toward 2024 Deadline A National Institute of Standards and Technology official said agencies are facing a variety of challenges in implementing enterprisewide zero trust architectures, from a lack of insight into their network components to difficult decisions around legacy systems and costly procurement initiatives.

274

274

Data Breach Today

NOVEMBER 30, 2023

Crouse Health Reveals It's Among PJ&A Clients Hit by Incident Affecting Millions New York regulators are warning millions of individuals of identity theft risks involving a data theft at a medical transcriber that has now affected patients of at least two major healthcare groups, including Crouse Health and Northwell Health in the state. Lawsuits in the case are also piling up.

Risk 284

Risk IT 284

Data Breach Today

NOVEMBER 30, 2023

In the constant struggle to manage the other five pillars - identify, protect, detect, respond and recover - security leaders often do not have governance at top of mind, said Netography CEO Martin Roesch, but he added, "Good governance is the root of having good security.

Government 285

Government IT Security 285

Data Breach Today

NOVEMBER 20, 2023

77 Million Individuals' Information Exposed, as More Victims Continue to Be Counted Trackers of the tally of individuals affected by the Clop ransomware group's mass hack attack on MOVEit servers added another 4.5 million patients' data to the ever-ascending total. The incident currently affects more than 2,600 organizations and 77 million individuals.

Ransomware 296

Ransomware 296

Data Breach Today

NOVEMBER 20, 2023

'LitterDrifter' Worm Is Designed to Support Large-Scale Collection Operation A hacking group linked to Russian domestic intelligence and known as Gamaredon is deploying a worm dubbed "LitterDrifter" that is spread through thumb drives to attack Ukrainian organizations. LitterDrifter has two functions: automatic propagation and communication with command-and-control servers.

Communications 267

Communications 267

Data Breach Today

OCTOBER 29, 2023

North Korean Hackers Repeatedly Target Known Flaws in Legitimate Software North Korean hackers are spreading malware through known vulnerabilities in legitimate software. In a new campaign spotted by Kaspersky researchers, the Lazarus group is targeting a version of an unnamed software product with vulnerabilities reported and patches available.

313

313

Data Breach Today

OCTOBER 8, 2023

Here's How Israeli Security Execs Reacted to the Attack by Palestinian Militants Israeli cybersecurity leaders reacted Saturday with shock, defiance and resolve to an unprecedented land, sea and air assault by Palestinian militants from Gaza. Much of the Israeli cybersecurity community's anger stems from the deliberate targeting of children and the elderly by Hamas militants.

Cybersecurity 316

Cybersecurity Security 316

Data Breach Today

OCTOBER 7, 2023

The use of generative AI is being "highly explored" in healthcare and has great promise for a variety of applications, but it needs to be scrutinized closely, said Erik Decker, vice president and CISO of Intermountain Health and a cybersecurity adviser to the federal government.

Cybersecurity 292

Cybersecurity Government IT 292

Data Breach Today

OCTOBER 7, 2023

Brand-New Android Smartphones, Tablets and Connected TVs Harboring Trojan Backdoor Tens of thousands of knockoff Android products manufactured in China including TV streaming boxes reached consumers infected with malware, say cybersecurity researchers. Human Security says it uncovered a related operation that earned millions per month in an online advertising fraud scheme.

Manufacturing 284

Manufacturing Cybersecurity Security IT 284

Data Breach Today

AUGUST 27, 2023

'Whiffy Recon' Uses WiFi Access Points, Google API for Geolocation A backdoor Trojan known as SmokeLoader is deploying a customized WiFi scanning executable to triangulate the location of infected Windows devices. The malware, dubbed "Whiffy Recon," uses nearby WiFi access points as a data point for Google's geolocation API.

Access 244

Access 244

Data Breach Today

AUGUST 7, 2023

Scammers Used Malware and Spoofed Domain Name to Trick UK Financial Services Firm A Nigerian national has pleaded guilty to participating in a business email compromise scheme that stole $1.25 million from a Boston investment firm. Perpetrators used malware to intercept an employee's emails as well as spoofed email accounts to trick the employee's London financial services firm.

Financial Services 246

Financial Services 246

Data Breach Today

AUGUST 7, 2023

Vulnerability Could Allow Attackers to Read, Delete or Upload Arbitrary Files A recently identified security vulnerability in PaperCut print management software holds the potential for high-severity outcomes and could let unauthorized hackers run code remotely. The software is used in a wide array of environments, including large printer fleets supporting over 100,000 users.

Security 245

Security 245

Data Breach Today

AUGUST 7, 2023

New Ransomware Group Branches Out, Hits Multiple Hospitals, Provider Networks Authorities are sounding the alarm about double-extortion attacks against healthcare and public health sector organizations by a relatively new ransomware-as-a-service group, Rhysida, which until recently had mainly focused on entities in other industries.

Ransomware 236

Ransomware 236

Data Breach Today

AUGUST 7, 2023

Educators Gird For Fresh Ransomware Attacks as Students Set to Return to School The Biden administration says it wants to get ahead of ransomware attacks against schools before K-12 education soon resumes for the fall. "We must take cyberattacks on our schools just seriously as we take physical attacks on critical infrastructure," said Cindy Marten, education deputy secretary.

Education 242

Education Cybersecurity Ransomware IT 242

Data Breach Today

JULY 19, 2023

Many critical infrastructure sector organizations, especially smaller entities, will likely struggle to comply with an upcoming requirement to report cyber incidents to federal regulators within 72 hours - due to an assortment of reasons, said Stanley Mierzwa of Kean University.

189

189

Data Breach Today

JULY 19, 2023

Proposed Cybersecurity-Labeling Program to Certify Consumer IoT Devices The Biden administration on Tuesday initiated a nationwide cybersecurity certification and labeling program aimed at helping consumers choose smart devices that offer enhanced protection against hacking risks. Products will have a QR code and follow NIST standards.

IoT 185

IoT Cybersecurity Risk 185

Data Breach Today

JULY 19, 2023

E3 Licensees Unlock Access to More Cloud Logs After Only E5 Clients Could Spot Hack Microsoft customers will gain access to expanded cloud logging capabilities at no additional cost just days after lower-level customers were unable to detect a Chinese cyberattack. CISA has identified several security logs - critical to detect and prevent threat activity - that currently cost extra.

Access 187

Access Cloud Security 187

Data Breach Today

JULY 19, 2023

Novel.NET Backdoor DeliveryCheck Sends a Variety of Secondary Payloads The Russian Turla hacker group has targeted the Ukrainian defense sector and other Eastern European entities with a novel backdoor, dubbed DeliveryCheck, to deploy secondary payloads likely used for espionage, according to security researchers at Microsoft.

Security 188

Security 188

Data Breach Today

JULY 19, 2023

Bot Accounts Also Used to Illegally Distribute Ukrainians' Personal Data The Ukrainian Cyber Police dismantled yet another large-scale bot farm spreading Russian propaganda over social media. Cyber police seized nearly 150,000 SIM cards of different mobile operators used in the campaign to create fake social media profiles.

Personal data 172

Personal data 172

Data Breach Today

JULY 19, 2023

Consider Domains, Features, Ease of Integration, Scalability and Vendor Support API security platforms have become an essential part of any organization's cybersecurity strategy, but with so many options available, it can be difficult to know how to choose the right one. In this article, we'll discuss how to evaluate API security platforms and what factors to consider.

Security 239

Security Cybersecurity IT 239