Blog
UK: Secretary Fined For Accessing Scores of Patient Records
The Information Commissioner’s Office (ICO) said that a complaint was first lodged back in June 2019, after a patient raised concerns that their records had been improperly accessed by Loretta Alborghetti, from Redditch.
CISA Releases Cybersecurity Guidance for Healthcare, Public Health Organizations
The guide incorporates vulnerability data, known exploited vulnerabilities, and the MITRE ATT&CK framework. It covers topics such as asset management, identity management, device security, vulnerabilities, patching, and secure design principles.
Greater Paris Wastewater Agency Dealing with Cyberattack
The attack prompted SIAAP to file a complaint with authorities and take immediate measures to secure their systems to prevent further spread. It has prioritized maintaining the public sanitation service and is working to ensure a return to normalcy.
Play Ransomware Goes Commercial – Now Offered as a Service to Cybercriminals
The ransomware strain known as Play is now being offered to other threat actors "as a service," new evidence unearthed by Adlumin has revealed. "The unusual lack of even small variations between attacks suggests that they are being carried out by affiliates who have...
MOVEit Mass-Hack Victim Count Grows to Over 2,600 Firms, 77 Million People
Welltok, a patient communication services provider, has notified over 1.6 million patients that their private healthcare data may have been stolen in the MOVEit breach, affecting healthcare providers such as Stanford Health Care and Sutter Health.
New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks
A new variant of the Agent Tesla malware has been observed delivered via a lure file with the ZPAQ compression format to harvest data from several email clients and nearly 40 web browsers. "ZPAQ is a file compression format that offers a better compression ratio and...
Hacker Leaks Vaccination Records of Over Two Million Turkish Citizens
The leaked data, which includes birth dates, vaccination dates and types, hospitals, and partial Turkish Identification Numbers, was likely obtained through an information disclosure vulnerability.
Detailed Data on Employees of US National Security Lab Leaked Online
The hacking group SiegedSec claimed responsibility for the breach and stated that they obtained a significant amount of personal information, including social security numbers and banking details.
How Multi-Stage Phishing Attacks Exploit QRs, CAPTCHAs, and Steganography
Phishing attacks are steadily becoming more sophisticated, with cybercriminals investing in new ways of deceiving victims into revealing sensitive information or installing malicious software. One of the latest trends in phishing is the use of QR codes, CAPTCHAs, and...
Rise in Automated Attacks Troubles E-Commerce Industry
Business logic attacks, which exploit the intended functionality of applications and APIs, have increased in the past year, making up 42.6% of attacks on retail sites and highlighting the vulnerability of the e-commerce industry.
FREE GUIDE