Security News

Cybersecurity researchers have uncovered a novel malware campaign that leverages Google Sheets as a command-and-control (C2) mechanism. The activity, detected by Proofpoint starting August 5,...

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

In an era where cyber threats continue to evolve, healthcare organizations are increasingly targeted by malicious actors employing multiple attack vectors, according to Trustwave. "Protecting the supply chain and maintaining business continuity are critical considerations across most industries, but healthcare cyber leaders encounter distinct challenges in safeguarding patient well-being, maintaining quality of care, and enabling healthcare professionals to leverage cutting-edge digital technologies to perform at the highest level," said Trustwave CISO Kory Daniels.

Cyberattackers are targeting uninterruptible power supply devices, which provide battery backup power during power surges and outages. UPS devices are usually used in mission-critical environments, safeguarding critical infrastructure installations and important computer systems and IT equipment, so the stakes are high.

A sophisticated phishing campaign directed at a "Major, publicly traded integrated payments solution company located in North America" made use of DocuSign and a compromised third party's email domain to skate past email security measures, researchers said. The campaign spread seemingly innocuous emails around the company, with the goal of stealing Microsoft login credentials, researchers at Armorblox revealed.

Meyer Corp., maker of Farberware and the largest cookware and bakeware distributor in the U.S., has begun notifying 2,747 employees that a cyberattack that occurred on Oct. 25 compromised their personal data. While the report given to the Maine Attorney General doesn't specifically name the culprit behind the attack, the Conti ransomware group had already announced on its leak site on Nov. 7 it was in possession of the employee data files, according to a report this week on the cyberattack.

Two companies owned by Hamburg-based company fuel group Marquard & Bahls are battling cyberattackers, with loading and unloading systems at the German arm of petrol tank terminal provider Oiltanking affected. The company this afternoon confirmed to The Register that Oiltanking GmbH's terminals - which provide Shell service stations, among others - are "Operating with limited capacity" and that Mabanaft GmbH had "Declared force majeure for the majority of its inland supply activities in Germany."

FCI's data breach notice said that the healthcare organization first detected suspicious activity on its internal systems on Feb. 1, 2021. The data of more than 3,300 U.S. military service members, military dependents and civilians employed by the DoD were compromised as part of what turned out to be a transnational cybercrime ring created to defraud them out of $1.5 million in military benefits from the DoD and the VA. With regards to the FCI breach, the organization said that it immediately took steps to eliminate unauthorized access and brought in independent forensic investigators to investigate and remediate the matter, on top of additional security measures meant to further secure access to data, individual accounts, and equipment, including the implementation of enterprise identity verification software.

Whether the app is on your mobile device, entertainment system or garage door, APIs are what developers use to make applications function. Some background on what makes APIs such a security concern.

Cyberattackers are using Google's reCAPTCHA and fake CAPTCHA-like services to obscure various phishing and other campaigns, according to researchers. CAPTCHAs are familiar to most internet users as the challenges that are used to confirm that they're human.