An aggressive and prolific Chinese-speaking cyberespionage group has targeted the ministries of foreign affairs and embassies of at least nine countries across Africa, the Middle East, Europe and Asia, researchers with Cisco Talos said Friday, highlighting how hackers perhaps aligned with Beijing continue to evolve their operations to gather information about a variety of geopolitical hotspots.
A 911 vendor's malfunctioning firewall caused a statewide outage in the emergency calling system in Massachusetts on Tuesday afternoon, the state government said. A Massachusetts government press release issued yesterday said the state's 911 vendor, Comtech, "has advised State 911 that they have applied a technical solution to ensure that this does not happen again."
Santander Bank warned thousands of U.S. employees that their direct deposit bank account information and Social Security numbers may have been obtained in a third-party database hack, according to filings with the Attorneys General of Maine and Vermont. An unauthorized party gained access to the employee data used for direct deposits between late April and early May. Santander said it immediately blocked access to the affected systems and continues to take further action to protect its systems.
Change Healthcare is starting to notify hospitals, insurers and other customers that they may have had patient information exposed in a massive cyberattack. The company also said Thursday that it expects to begin notifying individuals or patients in late July. Change Healthcare, a subsidiary of health care giant UnitedHealth Group, provides technology used to submit and process billions of insurance claims a year.
Ohio-based Crown Equipment, which is among the largest industrial and forklift truck manufacturers in the world, has become a victim of a cyberattack "by an international cybercriminal organization," the company finally confirmed to its employees on Tuesday. The confirmation came nine days after the company's network went down (on June 9) and eight days after its manufacturing plants came to a standstill (on June 10), as reported by German security blogger Günter Born.
The Biden administration will ban all sales of Kaspersky antivirus software in the US starting in July, according to reporting from Reuters and a filing from the US Department of Commerce (PDF). The US believes that security software made by Moscow-based Kaspersky Lab represents a national security risk and that the Russian government could use Kaspersky's software to install malware, block other security updates, and "collect and weaponize the personal information of Americans."
Digital transformation is helping healthcare providers across the globe to become more cost-efficient, while improving standards of patient care. But digitizing healthcare records also comes with some major cyber risks. Once your data is stored on IT systems that can be reached via the internet, it could be accidentally leaked, or accessed by malicious third parties. In the first 10 months of 2023 in the US, over 88 million people had their medical data exposed, according to government figures.
A recently patched Vision Pro vulnerability has been classified by Apple as a denial-of-service (DoS) issue, but the researcher who found it has demonstrated that it's actually a "scary" bug. Apple recently announced the release of version 1.2 of visionOS, the operating system powering its Vision Pro virtual reality headset. The update addresses several vulnerabilities, one of which may also be what the reporting researcher has described as the "first ever spatial computing hack".
Threat actors are actively exploiting a SolarWinds Serv-U path-traversal vulnerability, leveraging publicly available proof-of-concept (PoC) exploits. Although the attacks do not appear particularly sophisticated, the observed activity underscores the risk posed by unpatched endpoints, emphasizing the urgent need for administrators to apply the security updates. The vulnerability, CVE-2024-28995, is a high-severity directory traversal flaw.
A vulnerability dubbed "CosmicSting" impacting Adobe Commerce and Magento websites remains largely unpatched nine days after the security update was made available, leaving millions of sites open to catastrophic attacks. According to Sansec's stats, roughly three out of four websites using the impacted e-commerce platforms have not patched against CosmicSting, which puts them at risk of XML external entity injection (XXE) and remote code execution (RCE).