A security flaw in Kafdrop, an open-source user interface and management interface for distributed event-streaming platform Apache Kafka, has exposed data of "major global players ... in healthcare, insurance, media and IoT," a report by cybersecurity company Spectral says.
Nearly $200 million has reportedly been stolen from the cryptocurrency exchange BitMart, one of the top centralized crypto exchanges by volume, according to China-based blockchain analytics firm PeckShield, which tracked the heist beginning Saturday.
A medical biller in Florida and an emergency medical technician in New York have each pleaded guilty in two separate federal cases involving the criminal misuse of patient information. One case involved healthcare fraud and identity theft, and the other criminal HIPAA violations.
Good news on the breach prevention and incident response front: More businesses are getting more mature practices in place, although as attackers continue to improve their efforts, so too must defenders, says incident response expert Rocco Grillo of consultancy Alvarez & Marsal.
In October, Missouri's governor accused a journalist of hacking after he alerted the state to exposed personal information on a state education website. Now, emails reveal that state planned on thanking him before it chose to pursue prosecution and that the FBI immediately dismissed the incident.
A suspected Russian group blamed for the SolarWinds compromise in 2020 is continuing to innovate and is infiltrating technology services and resellers, according to a new report from Mandiant. Mandiant says the group, which it calls UNC2452 and Microsoft calls Nobelium, practices "top-notch operational security."
The FBI warns that the "Cuba" ransomware-wielding attackers have extorted $43.9 million in ransom payments from victims after compromising at least 49 organizations across five critical infrastructure sectors - financial services, government, healthcare, manufacturing and IT - since early November.
A security researcher says a misconfigured, non-password-protected database of a healthcare staffing company potentially exposed the personal information in about 170,000 medical worker records. The staffing firm, however, disputes the details of what was allegedly contained in the database.
The U.S. Transportation Security Administration has issued new security directives for higher-risk freight railroads, passenger rail, and rail transit that it says will strengthen cybersecurity across the transportation sector in response to growing threats to critical infrastructure.
The Bioeconomy Information Sharing and Analysis Center is warning biotechnology organizations, including vaccine makers and other biomanufacturers, of escalating threats involving Tardigrade malware, which experts say is used to launch ransomware and other potentially serious attacks.
A former employee of a New York-based technology company, likely to be IoT technology company Ubiquiti, has been arrested for stealing confidential data and extorting his employer for nearly $2 million. If convicted, the suspect faces up to 37 years in prison.
Advanced voice impersonation and deepfake technologies are giving rise to cybercrime groups that offer Vishing-as-a-Service, security researchers say. Vishing is proving to be successful in tricking victims and bypassing voice authorization mechanisms.
Many ransomware-wielding attackers continue to rely on initial access brokers to easily gain deep access to victims' systems, allowing them to steal data and attempt to pressure victims into paying via data leak sites. Researchers say that the number of victims being listed on such sites has surged.
Multiple APT groups from Russia, China and India are adopting a new phishing attack technique using RTF template injection, which makes attacks harder to detect. The template is compatible with Microsoft Office, which makes it easier for an attacker to open or edit these documents.
Your users - and the resources they use - are in multiple locations. IT teams are tasked with enabling everyone to work securely in an increasingly distributed environment.
Read this solution brief to learn more about
Provide secure connectivity from any location: home, on-site, or in the office
Secure...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.
