The FBI says cybercriminals have stolen a record $16,6 billion in 2024, marking an increase in losses of over 33% compared to the previous year. According to the bureau's annual Internet Crime Complaint Center (IC3) report, IC3 recorded 859,532 complaints last year (256,256 with actual loss), amounting to an average loss of $19,372. The most impacted group is older Americans, especially people over 60, who filed 147,127 complaints linked to approximately $4.8 billion in losses. READ MORE...
Yale New Haven Health System (YNHHS), which operates several hospitals in Connecticut, recently disclosed a data breach impacting the personal information of millions of patients. The Yale University-affiliated healthcare organization revealed on April 11 that it detected unusual activity on its IT systems on March 8. While patient care was not impacted by the incident, an investigation showed that hackers managed to copy data from YNHHS systems on the day the intrusion was discovered. READ MORE...
US health insurance giant Blue Shield of California handed sensitive health information belonging to as many as 4.7 million members to Google's advertising empire, likely without these individuals' knowledge or consent. The data shared may have included medical claim dates and providers used, which raises the specter of Google targeting ads based on the fact that you booked an appointment with a certain type of doctor - say, a cancer specialist, fertility clinic, or psychiatrist. READ MORE...
Attackers are having a field day with software defects in security devices, according to a new report released Wednesday by Mandiant. Exploits were the most common initial infection vector, representing 1 of every 3 attacks in 2024, and the four most frequently exploited vulnerabilities were all contained in edge devices, such as VPNs, firewalls and routers, Mandiant said in its M-Trends report released Wednesday. READ MORE...
A new Android malware has been discovered hidden inside trojanized versions of the Alpine Quest mapping app, which is reportedly used by Russian soldiers as part of war zone operational planning. Attackers promote the trojanized app as a free, cracked version of the premium Alpine Quest Pro, using Telegram channels and Russian app catalogs for distribution. AlpineQuest is a legitimate GPS and topographic mapping app for Android used by adventurers, athletes, rescue teams, and military personnel. READ MORE...
Asian crime syndicates are running cyber scam centers at a hyperscale, earning tens of billions of dollars and expanding into new markets westward. That recent phishing email or gift card scam you received - or malicious deepfake you witnessed - might have seemed like it popped up out of nowhere. But behind that attack was a threat actor who most likely wasn't a hooded figure in a basement you might have imagined. READ MORE...
A whistleblower at the National Labor Relations Board (NLRB) alleged last week that denizens of Elon Musk's Department of Government Efficiency (DOGE) siphoned gigabytes of data from the agency's sensitive case files in early March. The whistleblower said accounts created for DOGE at the NLRB downloaded three code repositories from GitHub. Further investigation into one of those code bundles shows it is remarkably similar to a program published in January 2025 by DOGE employee Marko Elez. READ MORE...
Threat groups from across the globe are increasingly weaponizing older vulnerabilities for exploitation, according to a report released Wednesday by GreyNoise Intelligence. More than half of these resurgent vulnerabilities affect edge technologies, the report shows. Nearly seven out of 10 of the most unpredictable vulnerabilities - known as Black Swan vulnerabilities - affect edge technologies. READ MORE...