Cyber Security

Frontier Communications Corporation revealed a significant cyber incident occurring on April 14, 2024, causing a notable operational disruption due to unauthorized access to its IT infrastructure. Upon detection, the telecommunications giant promptly activated its cyber incident response protocols, swiftly shutting down select systems to contain the breach. Investigations by the company identified a cybercrime group...

ACTS Retirement Services, a senior living community operator, has reached a settlement agreement in a class action lawsuit stemming from a data breach that occurred in April 2022. The settlement aims to resolve claims that ACTS failed to adequately protect patient and employee information, which was allegedly compromised during the breach. While the company has...

A debilitating cyberattack on Change Healthcare has imposed significant financial strains on the Massachusetts health care system, costing approximately $24 million per day. The Massachusetts Health and Hospital Association (MHA) revealed this staggering figure on Monday, based on input from 12 hospitals and health systems affected by the attack. The cyber incident, which occurred on...

A new cybersecurity threat has emerged as threat actors utilize Facebook messages to distribute a Python-based information stealer known as Snake. Designed to capture credentials and sensitive data, Snake has been implicated in a campaign that transmits harvested credentials to various platforms, including Discord, GitHub, and Telegram. The campaign, first reported on the social media...

IBM has unveiled the IBM X-Force Cyber Range in downtown Washington, D.C., at its offices on 600 14th Street, NW, situated near the White House. The new facility aims to provide comprehensive cyber response training to federal agencies and their suppliers, equipping them with the skills needed to combat artificial cyber attacks and data...

A cyberattack targeting one of the largest healthcare payment systems in the country has entered its third week, causing significant disruptions to patient care and financial operations. On February 21, Change Healthcare, a unit of UnitedHealth Group, fell victim to a cyber intrusion, compromising patients' information and leading to delays in prescriptions and paychecks...

A new malware campaign, dubbed "Spinning YARN" by cloud security company Cado, is targeting misconfigured and vulnerable servers running Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis services. The campaign aims to deliver a cryptocurrency miner and establish persistent remote access through a reverse shell. According to Cado security researcher Matt Muir, threat actors exploit...

According to the FBI's annual Internet Crime Report, Americans reported losses of over $12.5 billion to online fraud in 2023, marking a 22% increase from the previous year. The report, compiled from data gathered by the FBI's Internet Crime Complaint Center (IC3), highlights a significant rise in various forms of fraud, with investment fraud...

The city of Hamilton, Canada, is grappling with the aftermath of a ransomware attack that has disrupted nearly all aspects of government operations, leaving the timeline for recovery uncertain. Since the discovery of the ransomware attack on February 25, city officials have been tirelessly working to restore services. As of Wednesday, critical services such as...

The United States government has added Canadian network intelligence firm Sandvine to its Entity List, effectively prohibiting organizations from engaging in trade with the company. Based in Waterloo, Ontario, Sandvine offers network policy control products aimed at supporting networking policies for congestion management, security, and censorship. The move comes after the US Department of Commerce...

A security vulnerability has been uncovered in the LiteSpeed Cache plugin for WordPress, potentially allowing unauthenticated users to escalate their privileges. Tracked as CVE-2023-40000, the vulnerability was addressed in version 5.7.0.1 released in October 2023. Patchstack researcher Rafie Muhammad highlighted that the plugin is susceptible to an unauthenticated site-wide stored cross-site scripting (XSS) vulnerability. This...

Cybersecurity and intelligence agencies from multiple countries have issued a joint advisory urging users of Ubiquiti EdgeRouter to take immediate protective measures in the wake of a botnet threat known as MooBot. The advisory comes weeks after law enforcement dismantled the botnet in an operation codenamed Dying Ember. MooBot, attributed to a Russia-linked threat actor...

The United States government has issued a warning regarding the resurgence of BlackCat ransomware attacks, also known as ALPHV, targeting the healthcare sector as recently as this month. According to an updated advisory from the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human...

U.S. President Joe Biden is poised to sign an executive order on Wednesday aimed at thwarting the large-scale transfer of Americans' sensitive personal data to countries like China. Primarily targeting data brokers, the order will instruct the Department of Justice to commence a rule-making process aimed at curbing the bulk transfer of data to "countries...

A ransomware gang has demanded a hefty sum of $3.4 million following an attack on Lurie Children’s Hospital in Chicago, compelling staff to resort to manual processes to ensure patient care. The cyber assault on Lurie Children’s Hospital was disclosed earlier this month, prompting officials to take their entire network offline due to an unspecified...