Security News

Healthcare organizations in the crosshairs of cyberattackers
2023-07-18 03:30

In an era where cyber threats continue to evolve, healthcare organizations are increasingly targeted by malicious actors employing multiple attack vectors, according to Trustwave. "Protecting the supply chain and maintaining business continuity are critical considerations across most industries, but healthcare cyber leaders encounter distinct challenges in safeguarding patient well-being, maintaining quality of care, and enabling healthcare professionals to leverage cutting-edge digital technologies to perform at the highest level," said Trustwave CISO Kory Daniels.

Cyberattackers Target UPS Backup Power Devices in Mission-Critical Environments
2022-03-30 17:14

Cyberattackers are targeting uninterruptible power supply devices, which provide battery backup power during power surges and outages. UPS devices are usually used in mission-critical environments, safeguarding critical infrastructure installations and important computer systems and IT equipment, so the stakes are high.

Cyberattackers Leverage DocuSign to Steal Microsoft Outlook Logins
2022-02-24 15:08

A sophisticated phishing campaign directed at a "Major, publicly traded integrated payments solution company located in North America" made use of DocuSign and a compromised third party's email domain to skate past email security measures, researchers said. The campaign spread seemingly innocuous emails around the company, with the goal of stealing Microsoft login credentials, researchers at Armorblox revealed.

Cyberattackers Cook Up Employee Personal Data Heist for Meyer
2022-02-22 20:41

Meyer Corp., maker of Farberware and the largest cookware and bakeware distributor in the U.S., has begun notifying 2,747 employees that a cyberattack that occurred on Oct. 25 compromised their personal data. While the report given to the Maine Attorney General doesn't specifically name the culprit behind the attack, the Conti ransomware group had already announced on its leak site on Nov. 7 it was in possession of the employee data files, according to a report this week on the cyberattack.

Cyberattacker hits German service station petrol terminal provider
2022-02-01 15:50

Two companies owned by Hamburg-based company fuel group Marquard & Bahls are battling cyberattackers, with loading and unloading systems at the German arm of petrol tank terminal provider Oiltanking affected. The company this afternoon confirmed to The Register that Oiltanking GmbH's terminals - which provide Shell service stations, among others - are "Operating with limited capacity" and that Mabanaft GmbH had "Declared force majeure for the majority of its inland supply activities in Germany."

Cyberattackers Hit Data of 80K Fertility Patients
2022-01-07 21:14

FCI's data breach notice said that the healthcare organization first detected suspicious activity on its internal systems on Feb. 1, 2021. The data of more than 3,300 U.S. military service members, military dependents and civilians employed by the DoD were compromised as part of what turned out to be a transnational cybercrime ring created to defraud them out of $1.5 million in military benefits from the DoD and the VA. With regards to the FCI breach, the organization said that it immediately took steps to eliminate unauthorized access and brought in independent forensic investigators to investigate and remediate the matter, on top of additional security measures meant to further secure access to data, individual accounts, and equipment, including the implementation of enterprise identity verification software.

Top 3 API Vulnerabilities: Why Apps are Pwned by Cyberattackers
2021-08-31 13:29

Whether the app is on your mobile device, entertainment system or garage door, APIs are what developers use to make applications function. Some background on what makes APIs such a security concern.

Cyberattackers Embrace CAPTCHAs to Hide Phishing, Malware
2021-08-13 21:04

Cyberattackers are using Google's reCAPTCHA and fake CAPTCHA-like services to obscure various phishing and other campaigns, according to researchers. CAPTCHAs are familiar to most internet users as the challenges that are used to confirm that they're human.

South Korea’s nuclear research agency breached by North Korea-affiliated cyberattackers, says malware analyst group
2021-06-21 05:33

South Korean officials have admitted that government nuclear think tank Korea Atomic Energy Research Institute was hacked in May 2021 by North Korea's Kimsuky group. Malware analyst group IssueMakersLab said in a report that it detected an attack on KAERI on May 14th. The attack saw incoming heat from 13 internet addresses, of which one was traceable to Kimsuky.

‘Fancy Lazarus’ Cyberattackers Ramp up Ransom DDoS Efforts
2021-06-10 21:54

The new name is a tongue-in-cheek combination of the Russia-linked Fancy Bear advanced persistent threat and North Korea's Lazarus Group. According to Proofpoint, this time around the gang has been sending threatening, targeted emails to various organizations, including those operating in the energy, financial, insurance, manufacturing, public utilities and retail sectors - asking for a two-Bitcoin starting ransom if companies want to avoid a crippling DDoS attack.