The Alphv/BlackCat hackers lurked in Change Healthcare's environment for nine days before deploying file-encrypting ransomware, the healthcare payment processor's parent company UnitedHealth Group said. The attack that crippled the US healthcare system for weeks was carried out using leaked credentials for a Citrix portal that was not properly secured, according to testimony that UnitedHealth Group's CEO Andrew Witty is set to give before a US Congress committee on May 1.
London Drugs, a Canadian pharmacy chain, has closed its stores until further notice due to an "operational issue." A London Drugs spokesperson said the closure of stores in British Columbia, Alberta, and Saskatchewan is due to a "cybersecurity incident" that was discovered earlier this week, according to The Register. The company doesn't believe any customer or employee data was affected, and it's working with third-party experts to investigate further.
Daily newspaper Philadelphia Inquirer revealed that attackers behind a May 2023 security breach have stolen the personal and financial information of 25,549 individuals. The Inquirer is Philadelphia's largest newspaper by circulation and has won 20 Pulitzer Prizes since it was founded in 1829. It's also the third-longest operating daily newspaper in the United States.
Docker has removed nearly 3 million public repositories from Docker Hub after researchers discovered that each one was imageless, with no content other than a description page that contained links to malicious content. Researchers from JFrog spotted the threat in a recent investigation and identified the containers as being used in three large-scale campaigns to distribute spam and malware.
A 26-year-old Finnish man was sentenced to more than six years in prison today after being convicted of hacking into an online psychotherapy clinic, leaking tens of thousands of patient therapy records, and attempting to extort the clinic and patients. On October 21, 2020, the Vastaamo Psychotherapy Center in Finland became the target of blackmail when a tormentor identified as "ransom_man" demanded payment of 450,000 euros in exchange for not publishing highly sensitive therapy notes.
Attacks that relied on the exploitation of vulnerabilities as their key path to a breach leaped a remarkable 180% last year compared to the year before, driven in large measure by the sweeping MOVEit hack, according to the annual Verizon data breach report released Wednesday. "We're attributing that increase to the use of zero-day vulnerabilities by ransomware actors," said Alex Pinto, who leads the Verizon team that wrote the report.
Chinese cybersecurity firm QAX XLab has uncovered a new Android trojan that hides its true command-and-control (C&C) server behind a series of compromised WordPress sites. Dubbed Wpeeper, the malware has the typical functionality of an Android trojan, such as information collection, file and directory management, file download and upload, and command execution.
Qantas Airways confirms that some of its customers were impacted by a misconfiguration in its app that exposed sensitive information and boarding passes to random users. Qantas is Australia's flag carrier and the largest airline by fleet size, operating 125 aircraft and serving 104 destinations. Qantas has 23,500 employees and an annual revenue of almost $12.9 billion.