A Texas-based physical and occupational therapy provider is notifying nearly 4 million patients that they have joined the soaring tally of victims of a data theft incident at a Nevada medical transcription vendor last year. The supply chain hack appears to have affected at least 14 million people.
A nation-state hacking group run by Russian intelligence gained access to a Microsoft "legacy, non-production test tenant account" and used it to authorize malicious Office 365 OAuth applications, access Outlook, and steal Microsoft and customers' emails and attachments, Microsoft said.
A U.S. federal judge sentenced a Russian national to five years and four months in prison for his role in developing TrickBot malware. Vladimir Dunaev, 40, pleaded guilty in December. Dunaev helped develop the malware "while hiding behind his computer," U.S. Attorney Rebecca Lutzko said.
This week, Chainalysis reviewed 2023 crypto trends, Blockfence uncovered a $32 million rug pull, the U.S. CFTC cracked down on alleged pig butchering, the ex-IcomTech CEO was sentenced, hackers stole millions from Gamee, Socket recovered funds, and hackers exploited a flaw in Mailer Lite.
Federal authorities are warning of attacks on healthcare sector firms that use ConnectWise's remote access tool ScreenConnect. Hackers compromised a locally hosted version of the tool used by a large national pharmacy supply chain and managed services provider in 2023.
Supply chain attacks and zero-day exploits surged in 2023, helping to set yet another record for data breaches tracked by the Identity Theft Resource Center. James E. Lee, COO of the group, explained why the number of compromises grew so dramatically - from 1,801 incidents in 2022 to 3,205 in 2023.
Does a day ever go by without a fresh set of data breach notifications? Some organizations' breach notifications at least signal respect for the recipient. But others play it shadier, by resorting to marketing spin, minimizing the blame, and in some cases, even indulging in corporate cheerleading.
South Korea's intelligence agency has reported that North Korean hackers are using generative AI to conduct cyberattacks and search for hacking targets. Experts believe North Korea's AI capabilities are robust enough for more precise attacks on South Korea.
Hewlett Packard Enterprise in an after-hours regulatory filing disclosed that suspected Russian state hackers had gained access to corporate email inboxes for more than seven months. A threat group tracked as "Midnight Blizzard" first penetrated HPE's cloud-based email service in May 2023.
Hackers will use AI to carry out disinformation campaigns on a daily basis by mid-2024, potentially affecting political outcomes across over 50 countries. The results of the elections this year in powerful economies have real-world impact on human rights and international relations.
Two major water providers in the U.S. and U.K. report that they recently fell victim to ransomware attacks. In both cases, attackers appear to have stolen employee or customer data that they're now holding to ransom. Ransomware trackers say known attacks, affecting all sectors, have been surging.
Rumors are swirling about how the Department of Health and Human Services lost about $7.5 million in grant payments through a series of cyberattacks last year, including speculation over whether the incidents involved sophisticated AI-augmented spear-phishing or more commonplace fraud schemes.
The director of the U.S. Cybersecurity and Infrastructure Security Agency confirmed she was the apparent target of a swatting attack in which police responded to false calls of a shooting at her Virginia residence on Dec. 30, 2023. In a statement, Easterly described the experience as "harrowing."
The United States, Australia and the United Kingdom sanctioned a Russian man the governments say was behind the October 2022 hacking of Medibank, Australia's largest private health insurer. The attack was a high point in a wave of data breaches buffeting the country that year.
As if the cybercrime ecosystem wasn't already damaging enough, security researchers have discovered a malicious traffic broker named VexTrio, which affiliates hire to route victims to their malicious content that is often disguised via fake dating site profiles, tech support or browser updates.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.