Bose Corporation (Bose) has disclosed a data breach following a ransomware attack that hit the company's systems in early March. In a breach notification letter filed with New Hampshire's Office of the Attorney General, Bose said that it "experienced a sophisticated cyber-incident that resulted in the deployment of malware/ransomware across" its "environment." READ MORE...
Justin Sean Johnson, a 30-year-old from Detroit, Michigan, has pleaded guilty to stealing the personally identifiable information (PII) of 65,000 employees of health care provider and insurer University of Pittsburgh Medical Center (UPMC) and selling it on the dark web. UPMC is Pennsylvania's largest health care provider that employs more than 90,000 employees in 40 hospitals and 700 doctors' offices and outpatient sites. READ MORE...
Russian-speaking dark web bazaar Hydra has dominated the illicit marketplace since 2018, thanks in part to the demise of a rival business as well as its imposition of restrictive policies on sellers, according to research published Tuesday. Hydra administrators have made transactions on the site more difficult to track by forcing users to transact in difficult-to-track Russian currencies, along with regional financial operators and service providers, according to the research. READ MORE...
Apple has patched a critical bug in macOS that could be exploited to take screenshots of someone's computer and capture images of their activity within applications or on video conferences without that person knowing. Apple addressed the vulnerability-discovered by researchers at enterprise cybersecurity firm Jamf- in the latest version of macOS, Big Sur 11.4, released on Monday, the company told Forbes, according to a published report. READ MORE...
Researchers say they've uncovered never-before-seen disk-wiping malware that's disguising itself as ransomware as it unleashes destructive attacks on Israeli targets. Apostle, as researchers at security firm SentinelOne are calling the malware, was initially deployed in an attempt to wipe data but failed to do so, likely because of a logic flaw in its code. The internal name its developers gave it was "wiper-action." READ MORE...
Attackers could abuse vulnerabilities discovered in the Bluetooth Core and Mesh Profile specifications to impersonate legitimate devices during the pairing process and launch man-in-the-middle (MitM) attacks. The Bluetooth Core and Mesh Profile specifications define requirements needed by Bluetooth devices to communicate with each other and for Bluetooth devices using low energy wireless technology to enable interoperable mesh networking solutions. READ MORE...
Bitcoin took investors on another rollercoaster ride over the weekend after a top regulator in China announced a crackdown on mining, a new tack in the country's ongoing fight against the cryptocurrency. The government will "crack down on bitcoin mining and trading behavior and resolutely prevent the transfer of individual risks to the society," said the statement, which was issued by the Financial Stability and Development Committee of the State Council, the country's cabinet equivalent. READ MORE...