Break-ins to systems hosting the data of two US healthcare organizations led to thieves making off with the personal and medical data of more than 300,000 patients. Kansas-based Sunflower Medical Group and Rhode Island's Community Care Alliance (CCA) both disclosed separate attacks. Sunflower said in a letter to affected individuals that intruders on its network weren't detected for nearly a month.
The Dark Storm hacktivist group claims to be behind DDoS attacks causing multiple X worldwide outages on Monday, leading the company to enable DDoS protections from Cloudflare. While X owner Elon Musk did not specifically state that DDoS attacks were behind the outages, he did confirm that they were caused by a "massive cyberattack." Dark Storm is a pro-Palestinian hacktivist group that launched in 2023 and has previously targeted organizations in Israel, Europe, and the US.
SideWinder, a likely India-based cyber-espionage group that's been active since at least 2012, recently ramped up attacks on organizations in the maritime and logistics sectors in Africa and Asia. In many of the attacks, the threat group has used variously themed phishing emails to lure targets into clicking on a malicious document. The document contains an exploit for CVE-2017-11882, a memory corruption vulnerability in Microsoft Office that SideWinder has used for years in its campaigns.
Enterprise software maker SAP on Tuesday announced the release of 21 new and three updated security notes on its March 2025 security patch day. The company included five high-priority security notes in its advisory, namely three new notes that address vulnerabilities in Commerce, NetWeaver, and Commerce Cloud, and two updated notes that resolve flaws in Approuter and PDCE. The NetWeaver vulnerability was discovered in the transaction SA38, and allows access to restricted functionality.
A South American cyberespionage group has delivered malware to over 1,600 victims in Colombia in a recent campaign, Check Point reports. Tracked as Blind Eagle and APT-C-36, and active since 2018, the advanced persistent threat (APT) actor is known for targeting government, financial, and critical infrastructure organizations in Colombia and Ecuador. The threat actor mainly relies on phishing emails containing malicious attachments or URLs to deliver remote access trojans.
A broad malvertising campaign used a combination of illegal streaming websites and GitHub to impact nearly 1 million Windows PCs with data-stealing malware. The campaign, identified by Microsoft, targeted both consumer and enterprise devices across a wide range of industries and organizations. Microsoft Threat Intelligence (MTI) in December detected the attack, which originated from illegal streaming websites embedded with malvertising redirectors.
A 55-year-old software developer faces up to 10 years in prison for deploying malicious code that sabotaged his former employer's network, allegedly costing hundreds of thousands of dollars in losses. The US Department of Justice announced Friday that Davis Lu was convicted by a jury after "causing intentional damage to protected computers" reportedly owned by the Ohio- and Dublin-based power management company Eaton Corp.
A retired top cybersecurity official from the National Security Agency warned a key House panel that widespread cuts to federal probationary workers could severely harm the U.S.'s ability to counter threats from China and other cyber adversaries. "I want to raise my grave concerns that the aggressive threats to cut U.S. government probationary employees will have a devastating effect," Rob Joyce, former director of cybersecurity at the NSA, said in testimony Wednesday.
A popular set of SCADA software systems used in critical infrastructure around the world suffered from at least five known vulnerabilities that could have allowed for privilege escalation, DLL hijacking and the ability to modify critical files. The vulnerabilities were found within a suite of software made by ICONICS, which claims on its website that its SCADA software is embedded in "hundreds of thousands of installations running in over 100 countries worldwide."
Last August, the National Institute of Standards and Technology (NIST) released its first three finalized post-quantum encryption standards, designed to withstand attacks from quantum computers. It was the latest sign of a changing security world - but what does it all mean for passwords? It's easy to see why there's such excitement about quantum computing. By harnessing the properties of the quantum world, computers can make calculations that simply wouldn't be possible with 'normal' systems.