Cyber Security

#

Massachusetts Healthcare System Grapples with $24 Million Daily Costs Amid Change Healthcare Cyberattack

A debilitating cyberattack on Change Healthcare has imposed significant financial strains on the Massachusetts health care system, costing approximately $24 million per day. The Massachusetts Health and Hospital Association (MHA) revealed this staggering figure on Monday, based on input from 12 hospitals and health systems affected by the attack. The cyber incident, which occurred on...

Threat Actors Exploit Facebook Messages with Python-Based Info Stealer, Snake

A new cybersecurity threat has emerged as threat actors utilize Facebook messages to distribute a Python-based information stealer known as Snake. Designed to capture credentials and sensitive data, Snake has been implicated in a campaign that transmits harvested credentials to various platforms, including Discord, GitHub, and Telegram. The campaign, first reported on the social media...

IBM Launches X-Force Cyber Range in Washington, D.C., to Train Federal Agencies and Suppliers in Cyber Response

IBM has unveiled the IBM X-Force Cyber Range in downtown Washington, D.C., at its offices on 600 14th Street, NW, situated near the White House. The new facility aims to provide comprehensive cyber response training to federal agencies and their suppliers, equipping them with the skills needed to combat artificial cyber attacks and data...

Cyberattack on Healthcare Payment System Enters Third Week, Disrupting Patient Care and Financial Operations

A cyberattack targeting one of the largest healthcare payment systems in the country has entered its third week, causing significant disruptions to patient care and financial operations. On February 21, Change Healthcare, a unit of UnitedHealth Group, fell victim to a cyber intrusion, compromising patients' information and leading to delays in prescriptions and paychecks...

Emerging Malware Campaign Targets Misconfigured Servers for Cryptocurrency Mining and Remote Access

A new malware campaign, dubbed "Spinning YARN" by cloud security company Cado, is targeting misconfigured and vulnerable servers running Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis services. The campaign aims to deliver a cryptocurrency miner and establish persistent remote access through a reverse shell. According to Cado security researcher Matt Muir, threat actors exploit...

FBI Report: Americans Lost Record $12.5 Billion to Online Fraud in 2023

According to the FBI's annual Internet Crime Report, Americans reported losses of over $12.5 billion to online fraud in 2023, marking a 22% increase from the previous year. The report, compiled from data gathered by the FBI's Internet Crime Complaint Center (IC3), highlights a significant rise in various forms of fraud, with investment fraud...

Hamilton, Canada, Struggles with Ransomware Fallout as Recovery Timeline Remains Uncertain

The city of Hamilton, Canada, is grappling with the aftermath of a ransomware attack that has disrupted nearly all aspects of government operations, leaving the timeline for recovery uncertain. Since the discovery of the ransomware attack on February 25, city officials have been tirelessly working to restore services. As of Wednesday, critical services such as...

US Government Bans Trade with Canadian Firm Sandvine Over Alleged Role in Egyptian Mass Surveillance

The United States government has added Canadian network intelligence firm Sandvine to its Entity List, effectively prohibiting organizations from engaging in trade with the company. Based in Waterloo, Ontario, Sandvine offers network policy control products aimed at supporting networking policies for congestion management, security, and censorship. The move comes after the US Department of Commerce...

Security Vulnerability in LiteSpeed Cache Plugin for WordPress Raises Privilege Escalation Concerns

A security vulnerability has been uncovered in the LiteSpeed Cache plugin for WordPress, potentially allowing unauthenticated users to escalate their privileges. Tracked as CVE-2023-40000, the vulnerability was addressed in version 5.7.0.1 released in October 2023. Patchstack researcher Rafie Muhammad highlighted that the plugin is susceptible to an unauthenticated site-wide stored cross-site scripting (XSS) vulnerability. This...

Global Cybersecurity Agencies Issue Urgent Advisory for Ubiquiti EdgeRouter Users Amidst MooBot Threat

Cybersecurity and intelligence agencies from multiple countries have issued a joint advisory urging users of Ubiquiti EdgeRouter to take immediate protective measures in the wake of a botnet threat known as MooBot. The advisory comes weeks after law enforcement dismantled the botnet in an operation codenamed Dying Ember. MooBot, attributed to a Russia-linked threat actor...

US Government Warns of BlackCat Ransomware Resurgence Targeting Healthcare Sector

The United States government has issued a warning regarding the resurgence of BlackCat ransomware attacks, also known as ALPHV, targeting the healthcare sector as recently as this month. According to an updated advisory from the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human...

Biden to Sign Executive Order Preventing Transfer of Americans’ Sensitive Data to China and Other Countries

U.S. President Joe Biden is poised to sign an executive order on Wednesday aimed at thwarting the large-scale transfer of Americans' sensitive personal data to countries like China. Primarily targeting data brokers, the order will instruct the Department of Justice to commence a rule-making process aimed at curbing the bulk transfer of data to "countries...

Ransomware Gang Demands $3.4 Million After Targeting Chicago Children’s Hospital

A ransomware gang has demanded a hefty sum of $3.4 million following an attack on Lurie Children’s Hospital in Chicago, compelling staff to resort to manual processes to ensure patient care. The cyber assault on Lurie Children’s Hospital was disclosed earlier this month, prompting officials to take their entire network offline due to an unspecified...

Hochschule Kempten, German Applied Sciences University, Targeted in Criminal Cyberattack

Hochschule Kempten, a prominent university of applied sciences located in Kempten, Germany, has disclosed falling victim to a criminal cyberattack that necessitated the shutdown of its IT infrastructure. The institution, situated in Bavaria near the mountainous border with Austria, caters to approximately 5,500 students and stands as the latest target in a series of cyber...

Malicious Code in Tornado Cash Governance Proposal Compromises Privacy of Ethereum Transactions

A security breach in a Tornado Cash governance proposal has led to the leakage of deposit notes and data to a private server for nearly two months, jeopardizing the privacy and security of fund transactions conducted through IPFS deployments. Since January 1, transactions made via IPFS deployments such as ipfs.io, cf-ipfs.com, and eth.link gateways have...
- Advertisment -ad