Cyberattack

Cyberattack / Recently Commented

Massive Data Breach Hits HCA: 11 Million Records Compromised

In what is currently the largest healthcare industry data breach, Hospital Corporation of America (HCA) has confirmed the theft of 11 million patient records. HCA, one of the country's most prominent healthcare providers, believes the breach originated from an external storage system used for email automation. more

Russian Cyberattack Disrupts Operations at Japan’s Largest Maritime Port: Global Threat Intensifies

Japan's largest maritime port, the Port of Nagoya, suffered significant disruption due to a cyberattack, allegedly by the Russian group Lockbit 3.0. The attack, involving ransomware that locks systems until a payment is made, resulted in a terminal outage on Tuesday, with operations expected to resume Thursday. more

Ransomware Attacks on US Hospitals Trigger Significant Ripple Effects on Neighboring Facilities

In a study published in the JAMA Network, evidence indicates that ransomware attacks on healthcare delivery organizations (HDOs) lead to substantial disruptions in patient care and emergency department workflows. more

Satellite Security Showdown: DEFCON’s Hack-A-Sat Competition Highlights the Rising Stakes of Space-Based Cybersecurity

As industries from agriculture to banking increasingly depend on space-based capabilities, safeguarding satellites from cyber threats has become paramount. In a groundbreaking move to address this, the U.S. military will stage Hack-A-Sat 4, a competition at the famed DEFCON hacker convention, inviting white-hat hacker teams to attempt to infiltrate and control computer systems on a satellite in orbit. more

Global Cyberattack Hits Several US Federal Agencies

Multiple US federal agencies are grappling with a global cyberattack exploiting a flaw in the widely-used MOVEit software. The US Cybersecurity and Infrastructure Security Agency (CISA) is working closely with the affected agencies to understand the impact and expedite remediation efforts. more

Ransomware Attacks Skyrocket: Median Cost Doubles to $26,000, Representing a Quarter of All Breaches, Reports Verizon

A report from Verizon Business's 16th annual Data Breach Investigations Report (DBIR) reveals a startling surge in the frequency and cost of cyberattacks. It analyzed 16,312 security incidents and 5,199 breaches, showing a sharp uptick in the cost of ransomware.  more

Gigabyte Motherboard Firmware Exposes Millions of PCs to Potential Cybersecurity Threats

In a potentially damaging cybersecurity revelation, researchers from the cybersecurity company Eclypsium have identified a hidden mechanism in the firmware of motherboards manufactured by Taiwanese company Gigabyte. more

Stealth Cyberattacks by China’s Volt Typhoon Threaten U.S. Infrastructure: Microsoft Unmasks Espionage Campaign

Microsoft today disclosed the detection of covert and targeted malicious activity aimed at critical infrastructure organizations in the United States. The attack is orchestrated by a state-sponsored group from China, known as Volt Typhoon, with the suspected objective of disrupting the communication infrastructure between the U.S. and Asia during potential future crises. more

New Research Reveals Over 340 Million Accounts Compromised in the First Four Months of 2023

Recent research conducted by the Independent Advisor reveals that a significant number of accounts, exceeding 340 million, have been compromised due to business data breaches within the first four months of 2023. Notably, Twitter experienced the largest breach this year, impacting approximately 235 million user accounts. more

U.S. Targets Russian Mastermind Behind Dominant Ransomware Landscape, Offers $10 Million Reward

The U.S. government has declared criminal charges, economic sanctions, and a $10 million reward for information leading to the arrest of a Russian citizen, Mikhail Matveev. Accused of a series of ransomware attacks, Matveev's alleged operations, known as Babuk, have targeted entities such as the D.C. police, an airline, and other American industries. more

US Justice Department and FBI Dismantle Long-Running Russian State-Sponsored Cyber-Espionage Operation Targeting NATO

The United States Department of Justice has announced that it has neutralized a global network of computers compromised by malware called "Snake," which the U.S. government attributes to a unit within Center 16 of the Federal Security Service of the Russian Federation (FSB). more

How You Can Be Hijacked Without Actually Being Hacked

Unsuspecting website visitors are often unaware when they have landed on a spoofed page or are re-directed to malware-hosting web servers designed to steal their sensitive data and information. This attack is known as subdomain hijacking, or subdomain takeover. A web user's private information is then traded on the dark web, and cybercriminals profit, further fueling the expansion of identity theft in the online world. more

FBI Director Warns of Vastly Outnumbered US Cyber Intelligence Staff in Face of Chinese Hackers

The Federal Bureau of Investigation (FBI) is facing a massive cybersecurity challenge as the U.S. is vastly outnumbered by Chinese hackers, according to FBI Director Christopher Wray. In testimony before the House Appropriations Subcommittee on Thursday, Wray urged Congress to provide the FBI with more funds to bolster its cyber intelligence staff. more

Risk vs Benefit: The Impact of Shorter 90-Day SSL Certificate Life Cycles

In today's digital age, securing your website and ensuring your users' safety has never been more critical. Secure sockets layer (SSL) certificates are the go-to solution for securing websites by encrypting the data transmitted between web servers and browsers. Historically, SSL digital certificates could be valid for years, after which they had to be renewed or replaced.  more

Microsoft, Fortra, and Health-ISAC Take Legal Action Against the Abuse of Cobalt Strike to Combat Ransomware Attacks

A group of companies, including Microsoft, have collaborated to launch a major action to disrupt the use of cracked, legacy copies of the security tool Cobalt Strike which cybercriminals have abused to deploy ransomware. more