Latest Cybersecurity News and Articles


Feds Hit Health Entity With $950K Fine in Ransomware Attack

03 July 2024
The US Department of Health and Human Services has levied a fine of $950,000 on the Heritage Valley Health System in Pennsylvania. It must address potential HIPAA violations after a ransomware attack in 2017.

Industry Groups Ask HHS for Guidance on Massive Change Breach Reports

03 July 2024
Industry groups are seeking further clarification on delegation processes and want a clear statement that covered entities without a business associate relationship with Change Healthcare are not obliged to notify patients.

Dozens of Arrests Disrupt $2.7m Vishing Gang

03 July 2024
The criminal gang targeted elderly Spanish citizens by posing as bank employees through voice phishing and then showing up unannounced at their homes to collect cards, bank details, and PINs.

Supposed Grasshopper Operators Impersonate Israeli Government and Private Companies to Deploy Open-Source Malware

03 July 2024
The group uses a mix of publicly available malware and custom development to carry out their attacks. They have been using custom WordPress websites as a payload delivery mechanism.

The Emerging Role of AI in Open-Source Intelligence

03 July 2024
Recently the Office of the Director of National Intelligence (ODNI) unveiled a new strategy for open-source intelligence (OSINT) and referred to OSINT as the “INT of first resort”. Public and private sector organizations are realizing the value that the discipline can provide but are also finding that the exponential growth of digital data in recent years has overwhelmed many traditional OSINT

PTC Releases Patch for Critical Flaw in Creo Elements/Direct License Server

03 July 2024
The vulnerability, tracked as CVE-2024-6071, affects version 20.7.0.0 and earlier, and allows unauthenticated remote attackers to execute arbitrary OS commands on the server through a web interface.

APP Fraud Singled Out as Biggest Financial Crime Threat

03 July 2024
Nearly two-thirds of payments professionals in the UK believe that fraud is the most urgent financial crime threat, with authorized push payment (APP) scams being the top concern, according to a survey by The Payments Association.

Chrome Update Will Block Entrust Certificates by November 2024

03 July 2024
Google has announced that starting November 1, 2024, Chrome version 127 and higher will no longer trust new TLS server authentication certificates from Entrust and AffirmTrust.

Microsoft MSHTML Flaw Exploited to Deliver MerkSpy Spyware Tool

03 July 2024
Unknown threat actors have been observed exploiting a now-patched security flaw in Microsoft MSHTML to deliver a surveillance tool called MerkSpy as part of a campaign primarily targeting users in Canada, India, Poland, and the U.S. "MerkSpy is designed to clandestinely monitor user activities, capture sensitive information, and establish persistence on compromised systems," Fortinet FortiGuard

Google Patches 25 Android Flaws, Including Critical Privilege Escalation Bug

03 July 2024
Google has issued patches for 25 security vulnerabilities in the Android operating system. One critical bug, known as CVE-2024-31320, affects Android versions 12 and 12L, enabling privilege escalation.

The Impossibility of “Getting Ahead” in Cyber Defense

03 July 2024
The nature of defense is inherently stacked against defenders, as cybercriminals aim to disrupt systems while defenders manage complex tech stacks. Additionally, the rapid evolution of technology means defenders are always playing catch-up.

FCC Drafts Rules to Strengthen Cyber of Emergency Systems

03 July 2024
The Federal Communications Commission (FCC) has proposed draft final rules to enhance the security of public alert and warning systems in the face of emerging cybersecurity threats.

Cybersecurity is Now a Top Concern for Auto Industry, Report Finds

03 July 2024
According to a survey by Rockwell Automation, vehicle and automotive supply manufacturers ranked cybersecurity as their biggest external concern. Cyberattacks resulted in $11.8 billion in damages during the first half of 2023 alone.

Polyglot Files Enable Cyber Attack Chains and Methods for Detection & Disarmament

03 July 2024
Hackers are using polyglot files, which can fit into multiple file formats and evade detection by endpoint detection and response systems. Research indicates that some commercial EDR tools have a 0% detection rate for malicious polyglots.

US Supreme Court Ruling on Chevron Doctrine May Upend Future Cybersecurity Regulation

03 July 2024
The ruling may lead to legal challenges against recent cybersecurity regulations, including the 2023 cyber incident reporting requirements by the Securities and Exchange Commission (SEC).

FakeBat Loader Malware Spreads Widely Through Drive-by Download Attacks

03 July 2024
The loader-as-a-service (LaaS) known as FakeBat has become one of the most widespread loader malware families distributed using the drive-by download technique this year, findings from Sekoia reveal. "FakeBat primarily aims to download and execute the next-stage payload, such as IcedID, Lumma, RedLine, SmokeLoader, SectopRAT, and Ursnif," the company said in a Tuesday analysis. Drive-by attacks

Israeli Entities Targeted by Cyberattack Using Donut and Sliver Frameworks

02 July 2024
Cybersecurity researchers have discovered an attack campaign that targets various Israeli entities with publicly-available frameworks like Donut and Sliver. The campaign, believed to be highly targeted in nature, "leverage target-specific infrastructure and custom WordPress websites as a payload delivery mechanism, but affect a variety of entities across unrelated verticals, and rely on

South Korean ERP Vendor's Server Hacked to Spread Xctdoor Malware

02 July 2024
An unnamed South Korean enterprise resource planning (ERP) vendor's product update server has been found to be compromised to deliver a Go-based backdoor dubbed Xctdoor. The AhnLab Security Intelligence Center (ASEC), which identified the attack in May 2024, did not attribute it to a known threat actor or group, but noted that the tactics overlap with those of Andariel, a sub-cluster within the

Rapid7 To Acquire Attack Surface Management Startup Noetic Cyber

02 July 2024
Cybersecurity firm Rapid7 has announced that it will acquire Noetic Cyber, a startup specializing in cyber asset attack surface management (CAASM). The terms of the deal were not disclosed.

Ransomware Attack Demands Reach a Staggering $5.2m in 2024

02 July 2024
According to a new analysis by Comparitech, the average ransom demand per ransomware attack in the first half of 2024 was over $5.2m (£4.1m). This was calculated from 56 known ransom demands issued by threat actors during that period.