Change Healthcare Ransomware Attack Impacts 100 Million People
Change Healthcare parent company UnitedHealth Group has revealed that the personal information of 100 million individuals was compromised in the February 2024 ransomware attack. Disclosed on February 21, the attack resulted in widespread network disruptions that impacted over 100 Change Healthcare applications across clinical, dental, medical record, patient engagement, pharmacy, and payment services. Thousands of pharmacies and healthcare providers were affected. READ MORE...
American Water Under Investigation for Cyberattack Potentially Affecting 14M Customers
Schubert Jonckheer & Kolbe LLP is investigating a cyberattack and data breach potentially affecting the private information of up to 14 million customers of American Water Works Company, Inc., a New Jersey-based water and wastewater utility company that operates in 14 states and manages 500 water systems. On October 7, 2024, American Water announced in a Form 8-K filed with the Securities and Exchange Commission that it experienced a cybersecurity incident. READ MORE...
Landmark Admin Discloses Data Breach Impacting 800,000 People
Insurance administrator Landmark Admin is notifying over 800,000 individuals that their personal information was stolen in a ransomware attack earlier this year. Landmark discovered the unauthorized access to its systems on May 13, and the attackers regained entry to its network on June 17, while the investigation into the incident was ongoing. The threat actors exfiltrated and encrypted data, the company noted in a notification letter to the impacted individuals. READ MORE...
Henry Schein discloses data breach a year after ransomware attack
Henry Schein has finally disclosed a data breach following at least two back-to-back cyberattacks in 2023 by the BlackCat Ransomware gang, revealing that over 160,000 people had their personal information stolen. Henry Schein is a healthcare solutions provider and a Fortune 500 company with operations and affiliates in 32 countries and revenue of over $12 billion in 2022. On October 15, the company disclosed that it was forced to take some systems offline to contain a cyberattack. READ MORE...
QNAP, Synology, Lexmark devices hacked on Pwn2Own Day 3
The third day of Pwn2Own Ireland 2024 continued to showcase the expertise of white hat hackers as they exposed 11 zero-day vulnerabilities, adding $124,750 to the total prize pool, which now stands at $874,875. Pwn2Own, a global hacking competition, challenges top security researchers to exploit a range of software and hardware devices, with the ultimate goal of earning the prestigious "Master of Pwn" title and claiming up to $1 million in rewards. READ MORE...
Emergency patch: Cisco fixes bug under exploit in brute-force attacks
Cisco has patched an already exploited security hole in its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software that miscreants have been brute-forcing in attempted denial of service attacks. The bug, CVE-2024-20481, is a medium-severity flaw that's due to resource exhaustion, earning a 5.8 CVSS rating. According to Cisco, it only affects devices that have the remote access VPN (RAVPN) service enabled. READ MORE...
NotLockBit: Ransomware Discovery Serves As Wake-Up Call For Mac Users
Historically, Mac users haven't had to worry about malware as much as their Windows-using cousins. Although malware targeting Apple devices actually predates viruses written for PCs, and there have been some families of malware that have presented a significant threat for both operating systems (for instance, the Word macro viruses that hit computers hard from 1995 onwards), it is generally the case that you're simply a lot less likely to encounter malware on your Mac. READ MORE...
Exploited: Cisco, SharePoint, Chrome vulnerabilities
Threat actors have been leveraging zero and n-day vulnerabilities in Cisco security appliances (CVE-2024-20481), Microsoft Sharepoint (CVE-2024-38094), and Google's Chrome browser (CVE-2024-4947). In the past few days, Cisco has released fixes for a slew of vulnerabilities affecting the software powering its security appliances. SharePoint is Microsoft's enterprise-grade solution for content/knowledge management. READ MORE...
Fortinet zero-day attack spree hits at least 50 customers
Attackers are actively exploiting a critical zero-day vulnerability in Fortinet's network and security management tool FortiManager, according to security researchers and federal authorities. The earliest exploitation was on June 27, and at least 50 organizations across various industries have been impacted to date, Mandiant said in a Wednesday blog post. READ MORE...
- ...in 1881, artist and co-founder of the Cubist movement Pablo Picasso is born in Malaga, Spain.
- ...in 1957, voice actress Nancy Cartwright, best known for playing Bart Simpson and other characters on "The Simpsons", is born in Dayton, OH.
- ...in 1960, the Rev. Dr. Martin Luther King, Jr. is sentenced to four months in jail for participating in a sit-in at a segregated lunch counter.
- ...in 2001, Microsoft releases Windows XP.
