Cyber Security

IBM has unveiled the IBM X-Force Cyber Range in downtown Washington, D.C., at its offices on 600 14th Street, NW, situated near the White House. The new facility aims to provide comprehensive cyber response training to federal agencies and their suppliers, equipping them with the skills needed to combat artificial cyber attacks and data...

A cyberattack targeting one of the largest healthcare payment systems in the country has entered its third week, causing significant disruptions to patient care and financial operations. On February 21, Change Healthcare, a unit of UnitedHealth Group, fell victim to a cyber intrusion, compromising patients' information and leading to delays in prescriptions and paychecks...

A new malware campaign, dubbed "Spinning YARN" by cloud security company Cado, is targeting misconfigured and vulnerable servers running Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis services. The campaign aims to deliver a cryptocurrency miner and establish persistent remote access through a reverse shell. According to Cado security researcher Matt Muir, threat actors exploit...

According to the FBI's annual Internet Crime Report, Americans reported losses of over $12.5 billion to online fraud in 2023, marking a 22% increase from the previous year. The report, compiled from data gathered by the FBI's Internet Crime Complaint Center (IC3), highlights a significant rise in various forms of fraud, with investment fraud...

The city of Hamilton, Canada, is grappling with the aftermath of a ransomware attack that has disrupted nearly all aspects of government operations, leaving the timeline for recovery uncertain. Since the discovery of the ransomware attack on February 25, city officials have been tirelessly working to restore services. As of Wednesday, critical services such as...

The United States government has added Canadian network intelligence firm Sandvine to its Entity List, effectively prohibiting organizations from engaging in trade with the company. Based in Waterloo, Ontario, Sandvine offers network policy control products aimed at supporting networking policies for congestion management, security, and censorship. The move comes after the US Department of Commerce...

A security vulnerability has been uncovered in the LiteSpeed Cache plugin for WordPress, potentially allowing unauthenticated users to escalate their privileges. Tracked as CVE-2023-40000, the vulnerability was addressed in version 5.7.0.1 released in October 2023. Patchstack researcher Rafie Muhammad highlighted that the plugin is susceptible to an unauthenticated site-wide stored cross-site scripting (XSS) vulnerability. This...

Cybersecurity and intelligence agencies from multiple countries have issued a joint advisory urging users of Ubiquiti EdgeRouter to take immediate protective measures in the wake of a botnet threat known as MooBot. The advisory comes weeks after law enforcement dismantled the botnet in an operation codenamed Dying Ember. MooBot, attributed to a Russia-linked threat actor...

The United States government has issued a warning regarding the resurgence of BlackCat ransomware attacks, also known as ALPHV, targeting the healthcare sector as recently as this month. According to an updated advisory from the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human...

U.S. President Joe Biden is poised to sign an executive order on Wednesday aimed at thwarting the large-scale transfer of Americans' sensitive personal data to countries like China. Primarily targeting data brokers, the order will instruct the Department of Justice to commence a rule-making process aimed at curbing the bulk transfer of data to "countries...

A ransomware gang has demanded a hefty sum of $3.4 million following an attack on Lurie Children’s Hospital in Chicago, compelling staff to resort to manual processes to ensure patient care. The cyber assault on Lurie Children’s Hospital was disclosed earlier this month, prompting officials to take their entire network offline due to an unspecified...

Hochschule Kempten, a prominent university of applied sciences located in Kempten, Germany, has disclosed falling victim to a criminal cyberattack that necessitated the shutdown of its IT infrastructure. The institution, situated in Bavaria near the mountainous border with Austria, caters to approximately 5,500 students and stands as the latest target in a series of cyber...

A security breach in a Tornado Cash governance proposal has led to the leakage of deposit notes and data to a private server for nearly two months, jeopardizing the privacy and security of fund transactions conducted through IPFS deployments. Since January 1, transactions made via IPFS deployments such as ipfs.io, cf-ipfs.com, and eth.link gateways have...

The Hessen Consumer Center in Germany has fallen victim to a ransomware assault, leading to the shutdown of its IT systems and a temporary disruption in services. Hessen, a central state in Germany with over six million residents, encompasses Frankfurt, a prominent financial hub and the nation's second-largest metropolitan area. The Hessen Consumer Center, a nonprofit...

The Akira ransomware group has directed its cyber assault towards the municipality of Bjuv in Skåne County, South Sweden. The notorious hacker collective, recognized for its audacious cyber strikes against Swedish entities, has issued a warning on the dark web, threatening to disclose nearly 200GB of pilfered data from Bjuv Municipality's systems. The ransomware group's...