Security News

Recent cyberattacks targeting the nation's healthcare system have demonstrated the vulnerability of hospitals and payment systems. In January of 2024, the Department of Health and Human Services launched a healthcare cybersecurity gateway website to simplify access to the Department's healthcare-specific cybersecurity information and resources and published voluntary Healthcare and Public Health Cybersecurity Performance Goals designed to help healthcare institutions plan and prioritize high-impact cybersecurity practices.

A large-scale phishing campaign is using an unusual lure to earn at least $900,000 by tricking email recipients into believing they're about to receive a baby grand piano for free. The campaign, discovered by email security firm Proofpoint, was launched in January 2024 and has distributed over 125,000 emails, mainly targeting North American university students and faculty.

First American Financial Corporation, the second-largest title insurance company in the United States, revealed Tuesday that a December cyberattack led to a breach impacting 44,000 individuals. As the financial services company shared in a statement published on December 21 providing very few details regarding the nature of the incident, First American was forced to take some of its systems offline today to contain the impact of a cyberattack.

Prescription management company Sav-Rx is warning over 2.8 million people in the United States that it suffered a data breach, stating that their personal data was stolen in a 2023 cyberattack. According to the data breach notification, their investigation took almost eight months and was completed on April 30, 2024, with the help of third-party experts.

The American Radio Relay League warns it suffered a cyberattack, which disrupted its IT systems and online operations, including email and the Logbook of the World. ARRL is the national association for amateur radio in the United States, representing amateur radio interests to government regulatory bodies, providing technical advice, and promoting events and educational programs for enthusiasts around the country.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

The financially motivated threat actor FIN7 targeted a large U.S. car maker with spear-phishing emails for employees in the IT department to infect systems with the Anunak backdoor. BlackBerry attributed the attacks to FIN7 with a high level of confidence based on the use of unique PowerShell scripts using the adversary's signature 'PowerTrash' obfuscated shellcode invoker, first seen in a 2022 campaign.

Impersonation scams in the U.S. exceeded $1.1 billion in losses last year, according to statistics collected by the Federal Trade Commission, a figure that is three times higher than in 2020. The agency compiled this data based on 490,000 reported scams in 2023.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

The US House of Representatives has passed a bill that would prohibit data brokers from selling Americans' data to foreign adversaries with an unusual degree of bipartisan support: It passed without a single opposing vote. The Protecting Americans' Data from Foreign Adversaries Act of 2024 was introduced in the house earlier this month alongside the recently-passed TikTok ban bill and gives the Federal Trade Commission authority to go after any data broker that sells PII to North Korea, Russia, China or Iran, or any company controlled by those countries.