Security News

US says China's Volt Typhoon is readying destructive cyberattacks
2024-02-07 19:11

The US government today confirmed that China's Volt Typhoon crew comprised "Multiple" critical infrastructure org's IT networks, and warned that the state-sponored hackers are readying "Disruptive or destructive cyberattacks" against these targets. "Volt Typhoon's choice of targets and pattern of behavior is not consistent with traditional cyber espionage or intelligence gathering operations, and the US authoring agencies assess with high confidence that Volt Typhoon actors are pre-positioning themselves on IT networks to enable lateral movement to OT assets to disrupt functions," the 12 government agencies warned.

Lurie Children's Hospital back to pen and paper after cyberattack
2024-02-05 14:45

Lurie Children's Hospital said it pulled network systems offline as it continues to respond to "a cybersecurity matter" alongside outside experts and law enforcement agencies. "Lurie Children's Hospital said in a statement:"As Illinois' leading provider for pediatric care, our overarching priority is to continue providing safe, quality care to our patients and the communities we serve.

Clorox says cyberattack caused $49 million in expenses
2024-02-03 21:34

Clorox has confirmed that a September 2023 cyberattack has so far cost the company $49 million in expenses related to the response to the incident. On August 11th, Clorox suffered a cyberattack that caused significant disruption in the company's operation, leading to lowered production and decreased availability of consumer products.

Lurie Children's Hospital took systems offline after cyberattack
2024-02-02 16:23

Lurie Children's Hospital in Chicago was forced to take IT systems offline after a cyberattack, disrupting normal operations and delaying medical care in some instances. Lurie Children's is a Chicago-based pediatric acute care hospital with 360 beds, 1,665 physicians covering 70 sub-specialties, and 4,000 medical staff and employees.

How SMBs can lower their risk of cyberattacks and data breaches
2024-01-30 16:23

Enforcing a password policy that helps end-users create stronger passwords and blocks the use of weak and common phrases will make it more difficult for hackers. Specops data shows that 83% of compromised passwords satisfied both length and complexity requirements of regulatory password standards.

Keenan warns 1.5 million people of data breach after summer cyberattack
2024-01-29 22:39

Keenan & Associates is sending notices of a data breach to 1.5 million customers, warning that hackers accessed their personal information in a recent cyberattack.Since 2017, it has been part of AssuredPartners NL, one of the largest brokerage firms in the U.S. The company submitted a notification to the Office of the Maine Attorney General, warning that 1,509,616 people were impacted by a data breach incident that occurred in the summer of 2023.

Guess the company: Takes your DNA, blames you when criminals steal it, can’t spot a cyberattack for 5 months
2024-01-26 16:00

Biotech and DNA-collection biz 23andMe, the one that blamed its own customers for the October mega-breach, just admitted it failed to detect any malicious activity for the entire five months attackers were breaking into user accounts. In a collection of data breach notifications filed with California's attorney general Rob Bonta, 23andMe revealed attackers were using credential stuffing techniques between April 29 and September 27, 2023.

AI expected to increase volume, impact of cyberattacks
2024-01-25 10:12

All types of cyber threat actor are already using artificial intelligence to varying degrees, UK National Cyber Security Centre's analysts say, and predict that AI "Will almost certainly increase the volume and heighten the impact of cyberattacks over the next two years." Although AI is used by all types of cyber threat actors, it will particularly benefit less-skilled ones, as it will enhance their ability to carry out social engineering attacks and create convincing phishing emails.

Global fintech firm EquiLend offline after recent cyberattack
2024-01-24 16:36

New York-based global financial technology firm EquiLend says its operations have been disrupted after some systems were taken offline in a Monday cyberattack."On January 22, 2024, EquiLend identified a technical issue that placed portions of our systems offline," an EquiLend spokesperson told BleepingComputer today.

Why cyberattacks mustn’t be kept secret
2024-01-23 06:00

Over half of security professionals admit their organizations maintain a culture of security through obscurity, with over one-third admitting they are completely secretive about their cybersecurity activities. While many organizations may fear reputational or monetary damage from proactively sharing findings from vulnerabilities and incidents, I've found the contrary to be true: Embracing a culture of cybersecurity transparency is good for business and for the broader security of the internet.