A database containing data of +8.9 million Zacks users was leaked online

Security Affairs

Zacks is the leading investment research firm focusing on stock research, analysis, and recommendations. The company attempted to downplay the security breach by telling Have I Been Pwned that threat actors only had access to encrypted passwords. HIBP pointed out that the most recent record in the leaked database is dated May 2020.

A 16-year-old bug (CVE-2021-3438) in printer driver affects millions of printers worldwide

Security Affairs

The discovery was made by chance several months ago, when experts configuring a brand-new HP printer noticed that an old printer driver from 2005 called SSPORT.SYS was triggering an alert in Process Hacker, according to the analysis published by SentinelOne.

HHS Settles Potential HIPAA Violations with Concentra Health Services and QCA Health Plan Inc.

Hunton Privacy

OCR’s investigation found that Concentra had previously recognized that the lack of encryption was a “critical risk,” but the company’s efforts to address the issue were “incomplete and inconsistent over time.” QCA agreed to pay $250,000 and provide HHS with an updated risk analysis and corresponding risk management plan.

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

Dave Kennedy started as a forensic analysis and cyber warfare specialist in the US Marine Corps before entering the enterprise space. In-depth technical analysis of a new method of extracting user cardholder data from compromised websites using the legitimate Google Analytics protocol. Dave Kennedy | @hackingdave. Denial-of-Suez attack.

OCR Settles Two HIPAA Cases with Public Health Centers in Oregon and Mississippi

Hunton Privacy

These vulnerabilities included (1) storing electronic protected health information (“ePHI”) on a cloud-based server without entering into a business associate agreement (“BAA”) with the cloud provider; (2) conducting inadequate risk analyses; and (3) failing to implement a mechanism to encrypt and decrypt ePHI.

Outlaw is Back, a New Crypto-Botnet Targets European Organizations

Security Affairs

Shellbot has been known since 2005 and is even available on GitHub. Now, Shellbot has re-appeared in the threat landscape in a recent campaign, targeting organizations worldwide with a new IRC server and new Monero pools, so we decided to deepen the analysis. Technical Analysis. This is the “Stage 1”. Figure 18: SSH traffic from C2.

Top Cybersecurity Companies for 2021

eSecurity Planet

The solution includes cloud sandboxing technology, preventing zero-day threats, and full disk encryption capability for enhanced data protection. ESET Protect Advanced complies with data regulation thanks to full disk encryption capabilities on Windows and macOS. Founded: 2005. Check Point.