Security News
On Tuesday, the University of Michigan warned staff and students that they must reset their account passwords after a recent cyberattack."The University of Michigan is requiring all community members to change their UMICH password by the end of day on Tuesday, September 12," UMICH CISO Sol Bermann and CIO Ravi Pendse said in emails to university staff and students.
The Computer Emergency Response Team of Ukraine on Tuesday said it thwarted a cyber attack against an unnamed critical energy infrastructure facility in the country. "Visiting the link will download a ZIP archive containing three JPG images and a BAT file 'weblinks.cmd' to the victim's computer," CERT-UA said, attributing it to the Russian threat actor known as APT28.
The Coffee Meets Bagel dating platform confirms last week's outage was caused by hackers breaching the company's systems and deleting company data. Last week, Coffee Meets Bagel suffered a worldwide outage, with users upset that they could not coordinate planned dates or continue communicating with their matches.
Total number of malware-based attacks: 1,578,733 Number of unique attacks: 200,454 Average number of cyberattacks per day: 17,280 Average number of cyberattacks per hour: 720 Average number of attacks per minute: 12 Average number of new malware variants per minute: 1.5. Attacks ramped up again as cybercriminals got back to work in the new year.
The University of Michigan has taken all of its systems and services offline to deal with a cybersecurity incident, causing a widespread impact on online services the night before classes started. University of Michigan is one of the oldest and largest educational institutes in the United States, employing over 30,000 academic and administrative staff and having roughly 51,000 students.
To the importance of application security testing, we will also discuss the different areas of vulnerability testing and its various phases. Finally, we will provide details on how a long-term preventative solution such as PTaaS can protect e-commerce businesses and the differences between continuous testing and standard pen testing.
Believed to be one of the leaders of the group, Arion Kurtaj, from Oxford, England, was arrested twice in 2022, first in January and then again in March, in connection with Lapsus$ hacking activity. Kurtaj used more than a dozen online names, White and Breachbase among them, and is believed to have made more than 300 BTC from his hacking activity, SIM-swapping included.
In this Help Net Security interview, Dr. Omar Sangurima, Principal Technical Program Manager at Memorial Sloan Kettering Cancer Center, discusses the impact of cyberattacks on patient safety and care delivery, emphasizing how disruptions to critical healthcare services can harm patients and even lead to life-threatening situations. The consequences of a successful cyberattack on a healthcare organization can be severe, including the compromise of patient data and potential harm to patients.
Digital threat actors are adopting evolving tactical behaviors, opting for different types of malicious attacks compared to previous years, according to SonicWall. Overall intrusion attempts were...
The U.S. SEC has introduced new rules for publicly traded companies to disclose cyberattacks within four business days if they are considered significant to investors. Foreign private issuers are also required to provide equivalent disclosures. SEC Chair Gary Gensler stated that consistent and comparable disclosure would benefit both companies and investors.The rules demand listed companies to include cyberattack details in periodic report filings (8-K forms). These rules will be effective from December or 30 days after publication in the Federal Register. Smaller companies will have an additional 180 days to comply. Disclosure timelines may be delayed if immediate disclosure poses a risk to national security or public safety.