IT Security Newsletter

IT Security Newsletter - 1/17/2025

Written by Cadre | Fri, Jan 17, 2025

CISA clocked Salt Typhoon in federal networks before telecom intrusions

The Cybersecurity and Infrastructure Security Agency spotted Salt Typhoon on federal networks before defenders discovered that the China-sponsored threat group had intruded into U.S. telecom systems, Director Jen Easterly said Wednesday. CISA's sleuthing "enabled law enforcement to unravel and ask for process on virtual private servers," Easterly said during an onstage interview at the Foundation for Defense of Democracies. READ MORE...

Wolf Haldenstein law firm says 3.5 million impacted by data breach

Wolf Haldenstein Adler Freeman & Herz LLP ("Wolf Haldenstein") reports it has suffered a data breach that exposed the personal information of nearly 3.5 million individuals to hackers. The incident took place on December 13, 2023, but the firm says data analysis and digital forensic complications severely delayed the completion of its investigation. Last Friday, Wolf Haldenstein published a notice on its website, while an entry on Maine AG's portal puts the total affected at 3,445,537. READ MORE...

Russian APT Phishes Kazakh Gov't for Strategic Intel

A suspected Russia-nexus threat actor has been executing convincing spear phishing attacks against diplomatic entities in Kazakhstan. UAC-0063, active since at least 2021, was first documented by Ukraine's Computer Emergency Response Team (CERT-UA) in 2023. With medium confidence, CERT-UA tied it to APT28 (aka Fancy Bear, Forest Blizzard, Strontium, Sofacy), from the General Staff Main Intelligence Directorate (GRU) Military Unit 26165. READ MORE...

Microsoft catches Russian state-sponsored hackers shifting tactics to WhatsApp

The cat-and-mouse game between state-sponsored Russian hackers and one of the world's biggest technology companies has continued into 2025. Microsoft's threat intelligence team published research Thursday examining how a state-sponsored Russian threat actor group, known as Star Blizzard, has altered its longstanding attack strategies to target WhatsApp accounts. This attack vector is a significant change in the group's tactics, techniques, and procedures. READ MORE...

Chinese Innovations Spawn Wave of Toll Phishing Via SMS

Residents across the United States are being inundated with text messages purporting to come from toll road operators like E-ZPass, warning that recipients face fines if a delinquent toll fee remains unpaid. Researchers say the surge in SMS spam coincides with new features added to a popular commercial phishing kit sold in China that makes it simple to set up convincing lures spoofing toll road operators in multiple U.S. states. READ MORE...

183M Patient Records Exposed: Fortified Health Security Releases 2025 Healthcare Cybersecurity Report

Fortified Health Security (Fortified), a Best in KLAS managed security services provider (MSSP) specializing in healthcare cybersecurity, today released the 2025 Horizon Report, a semiannual publication on cybersecurity news, trends, guidance and solutions for healthcare organizations. Analyzing data from the Office for Civil Rights (OCR), the Horizon Report has served as a free resource for healthcare professionals since 2017. READ MORE...

W3 Total Cache plugin flaw exposes 1 million WordPress sites to attacks

A severe flaw in the W3 Total Cache plugin installed on more than one million WordPress sites could give attackers access to various information, including metadata on cloud-based apps. The W3 Total Cache plugin uses multiple caching techniques to optimize a website's speed, reduce load times, and generally improve its SEO ranking. Despite the developer releasing a fix in the latest version of the product, hundreds of thousands of websites have yet to install the patched variant. READ MORE...

Vulnerabilities in SimpleHelp Remote Access Software May Lead to System Compromise

Vulnerabilities in the SimpleHelp remote access software are trivial to exploit and could allow attackers to compromise the server and client machines, cybersecurity firm Horizon3.ai reports. SimpleHelp provides remote support solutions that include file transfer, diagnostics, and task automation capabilities. It uses clients running on customers' machines and a server that acts as a web application and a proxy between the customers and technicians. READ MORE...

  • ...in 1929, the cartoon character Popeye first appears in the comic strip "Thimble Theatre", drawn by E.C. Segar.
  • ...in 1933, TV ventriloquist Shari Lewis, creator of the characters Lamb Chop, Charlie Horse, and Hush Puppy, is born in New York City.
  • ...in 1942, three-time heavyweight champion boxer Muhammad Ali is born (as Cassius Clay) in Louisville, KY.
  • ...in 1961, President Dwight D. Eisenhower delivers his farewell address, warning against the rise of the "military-industrial complex."