HCA Healthcare on Monday announced that the personal information of roughly 11 million patients was stolen in a data breach. The incident, the healthcare services provider says, was discovered on July 5, after a threat actor posted on an underground forum information allegedly stolen from HCA Healthcare. The threat actor posted a list containing names, addresses, birth dates, gender information, phone numbers, email addresses, service dates, and appointment dates, HCA Healthcare says in an incident notice.
Gaming gear company Razer reacted to recent rumors of a massive data breach with a short statement on Twitter, letting users know that they started an investigation into the matter. Razer is a popular American-Singaporean tech firm focusing on gaming hardware, selling high-quality peripherals, powerful laptops, and apparel. The company also sells services that give registered account holders access to extensive game collections, special in-game item offers, exclusive rewards, and more.
Weeks after suspected Russia-linked hacktivists disrupted key Microsoft services, including Azure and OneDrive, U.S. authorities are warning organizations about potential new threats involving distributed denial of service attacks. The Cybersecurity and Infrastructure Security Agency in late June urged organizations to monitor their systems to determine whether outages were related to maintenance or, potentially, deliberate attacks.
Apple has patched an actively exploited zero-day vulnerability (CVE-2023-37450) by releasing Rapid Security Response updates for iPhones, iPads and Macs running the latest versions of its operating systems. The vulnerability has also been fixed with a regular security update in Safari (16.5.2), so users running macOS Big Sur and macOS Monterey can also implement the fix. As per usual, Apple doesn't say much about the fixed vulnerability.
A tool that automates the delivery of malware from external attackers to target employees' Microsoft Teams inbox has been released. As noted by Jumpsec researchers Max Corbridge and Tom Ellson, Microsoft Teams' default configuration lets external tenants (i.e., M365 users outside the organization) message an organization's employees. The same configuration doesn't allow external tenants to send files, but that restriction can be bypassed by switching the internal and external recipient ID on the POST request.
The Iran-linked advanced persistent threat (APT) known as APT35 (aka Charming Kitten, TA453, and Tortoiseshell) has developed specially crafted Mac malware in order to carry out targeted cyberattacks on civil society members. According to recent research by Proofpoint, the Mac malware, dubbed "NokNok," was discovered after the state-sponsored cyber espionage group sent a conversation lure to a public media contact for a nuclear security expert at a US-based think tank.
JumpCloud invalidated and reset the API keys for all administrators, the company said on a support page posted last week. The company told customers to update all third-party integrations with newly established keys due to what it described as an ongoing incident. "Out of an abundance of caution relating to an ongoing incident, JumpCloud has decided to rotate all API keys for JumpCloud admins," the company said in a support post posted Wednesday and updated Friday.
Virtualization technology giant VMware on Monday warned that exploit code has been publicly released for a pre-authentication remote code execution flaw in its enterprise-facing VMware Aria Operations for Logs product. In an update to a critical-level advisory originally released in April this year, VMware said it has confirmed that exploit code for CVE-2023-20864 has been published, underscoring the urgency for enterprise network admins to apply available patches.