480,000 Catholic Health Patients Impacted by Serviceaide Data Leak
Enterprise management solutions provider Serviceaide has informed the Department of Health and Human Services (HHS) that a data leak impacts the personal and medical information of nearly half a million Catholic Health patients. California-based Serviceaide, whose solutions are used by organizations worldwide, discovered in November 2024 that an Elasticsearch database maintained for one of its customers had been inadvertently made publicly available. READ MORE...
200,000 Harbin Clinic Patients Impacted by NRS Data Breach
Georgia healthcare provider Harbin Clinic is notifying over 200,000 people that their personal information was stolen in a July 2024 data breach at debt collector Nationwide Recovery Services (NRS). The incident was discovered after suspicious activity on NRS's internal systems resulted in a network outage. The third-party collection agency discovered that the attackers accessed its network between July 5 and July 11, and stole certain data. READ MORE...
Coinbase flips $20M extortion demand into bounty for info on attackers
Coinbase responded to a security incident with combative measures Thursday after the company said cybercriminals bribed some of the cryptocurrency exchange's international support staff to steal data on customers. The unnamed threat group stole personally identifiable information and other sensitive data on less than 1% of Coinbase's monthly users. The cybercriminals contacted customers under the guise of an employee at Coinbase in an attempt to dupe people into relinquishing their cryptocurrency. READ MORE...
Ex-NSA bad-guy hunter listened to Scattered Spider's fake help-desk calls: 'Those guys are good'
The call came into the help desk at a large US retailer. An employee had been locked out of their corporate accounts. But the caller wasn't actually a company employee. He was a Scattered Spider criminal trying to break into the retailer's systems - and he was really good, according to Jon DiMaggio, a former NSA analyst who now works as a chief security strategist at Analyst1. Scattered Spider is a cyber gang linked to SIM swapping, fake IT calls, and ransomware crews like ALPHV. READ MORE...
AI hallucinations and their risk to cybersecurity operations
AI systems can sometimes produce outputs that are incorrect or misleading, a phenomenon known as hallucinations. These errors can range from minor inaccuracies to misrepresentations that can misguide decision-making processes. One emerging concern is the phenomenon of package hallucinations, where AI models suggest non-existent software packages. This issue has been identified as a potential vector for supply chain attacks, termed "slopsquatting." READ MORE...
Hackers earn $1,078,750 for 28 zero-days at Pwn2Own Berlin
The Pwn2Own Berlin 2025 hacking competition has concluded, with security researchers earning $1,078,750 after exploiting 29 zero-day vulnerabilities and encountering some bug collisions. Throughout the contest, they targeted enterprise technologies in the AI, web browser, virtualization, local privilege escalation, servers, enterprise applications, cloud-native/container, and automotive categories. READ MORE...
- ...in 1749, King George II of England grants the Ohio Company a charter of several hundred thousand acres of land around the forks of the Ohio River.
- ...in 1951, musician Jeffrey Ross Hyman AKA Joey Ramone, the lead singer of classic punk rock group the Ramones, is born in Queens, NY.
- ...in 1963, the New York Post Sunday Magazine publishes Dr. Martin Luther King Jr.'s "Letter from Birmingham Jail".
- ...in 1984, "Press Your Luck" contestant Michael Larson exploits a flaw in the game show's "random" prize board to win USD $110,000 in a single night.
