Security News

Researcher Alissa Knight with Approov tried to break into the APIs of 30 different mHealth app vendors, with the agreement she wouldn't ID the vulnerable ones. According to the resulting report from Approov, out of 30 popular mHealth apps analyzed, 77 percent of them contained hardcoded API keys, which would allow an attacker to intercept that exchange of information - some of which don't expire.

The statement coincided with Accellion's own public acknowledgment that an ongoing vulnerability in FTA eventually led to an information compromise with Singtel and other customer systems. "The Accellion file transfer product used by Singtel is 20 years old, and continues to be used by many organizations in the financial, governmental and commercial sector to transfer large files, despite Accellion's offering of newer and more secure file-sharing solutions," Chloé Messdaghi, chief strategist, Point3 Security, said via email.

The ransomware attack against CD Projekt Red was conducted by a ransomware group that goes by the name 'HelloKitty,' and yes, that's the name the threat actors utilize. Today, CD Project disclosed that they were the target of a ransomware attack that encrypted devices on their network and led to the theft of unencrypted files.

Federal law enforcement is now looking into a cyberattack at a water treatment plant in Oldsmar, FL where someone was able to remotely access systems and add a dangerous amount of chemicals to the town's water supply. On Monday, Pinellas County Sheriff Bob Gualtieri explained during a press conference that an employee at Oldsmar's water treatment facility saw his mouse moving independently of him on Friday morning but thought nothing of it-it's common for people in the field to remotely access systems through their TeamViewer software.

Spotify streaming music aficionados are in the crosshairs of yet another credential-stuffing cyberattack, just three months after the last one. Back in November, cybercriminals attacked hundreds of thousands of Spotify users utilizing this approach, prompting the streaming music service to issue password-reset notices.

Austria-based crane manufacturer Palfinger on Monday informed customers that its IT infrastructure suffered serious disruptions as a result of an "Ongoing global cyber attack." "Currently, the PALFINGER AG and the majority of its sites are the target of an ongoing global cyber-attack with massive effects on its IT infrastructure. The extent and consequences of the attack cannot be assessed at this time, but intensive efforts are being made to find a solution," reads a message currently greeting users who access the company's website.

A coastal South Carolina county says hackers broke into its computer network over the weekend. A statement from Georgetown County's local government Monday said the county's computer network "Suffered a major infrastructure breach over the weekend." Most of the county's electronic systems, including emails, were impacted.

Leading crane and lifting manufacturer Palfinger is targeted in an ongoing cyberattack that has disrupted IT systems and business operations. Palfinger is a leading maker of crane and lifting solutions commonly used for construction, and land and sea lifting, loading, and handling solutions.

The Russian government has issued a security warning to organizations in Russia about possible retaliatory cyberattacks by the USA for the SolarWinds breach. The US government believes that this attack was conducted by a Russian state-sponsored hacking group whose goal was to steal cloud data such as email and files from high profile US corporations and government agencies.

The CHwapi hospital in Belgium is suffering from a cyberattack where threat actors claim to have encrypted 40 servers and 100 TB of data using Windows Bitlocker. On Sunday, CHwapi suffered an attack that caused the hospital to redirect patients to other hospitals and delay surgical procedures.