A group of nine DNS vulnerabilities in four popular TCP/IP stacks used in more than 100 million enterprise, consumer, and industrial IoT devices pose a critical risk of hacking or remote code execution...
Data extortion was once seen as a rare, or potential threat, rather than a pressing issue, while ransomware and subsequent downtime were greater concerns for healthcare cybersecurity. But...
The Department of Homeland Security Cybersecurity and Infrastructure Security Agency shared another tool to support remediation of threats posed by the SolarWinds supply-chain attack. The new dashboard...
Ransomware threat actors are continuing to target the healthcare sector in droves. In the last month alone four hacking groups have posted data allegedly stolen from nine healthcare providers, while an...
Michigan-based Trinity Health recently notified 586,869 patients that their data was compromised during the hack on Accellion’s File Transfer Application (FTA). As the breach tally continues to...
An active cyberattack campaign was spotted in the wild, targeting systems running unpatched or misconfigured SAP systems. Threat actors are exploiting these vulnerabilities to gain full control of the...
Advanced persistent threat actors are actively exploiting unpatched vulnerabilities in Fortinet FortiOS platforms belonging to technology services, government agencies, and other private sector...
VMware issued a software update for its vRealize Operations, Cloud Foundation, and Lifecycle Manage to address two severe flaws that could allow an attacker to steal admin credentials and manipulate or...
The Department of Homeland Security Cybersecurity and Infrastructure Security Agency released another emergency directive designed to further mitigate vulnerabilities in on-prem Microsoft Exchange...
Multiple fraudulent COVID-19 vaccine, pharmacy, and other pandemic-related websites have been taken down, as a result of a federal government enforcement effort to combat fraud schemes and attacks...
Senior medical research personnel in the US and Israel are being targeted by a credential phishing campaign launched by a nation-state hacking group with ties to Iran, according to a new Proofpoint...
Mendelson Kornblum Orthopedic and Spine Specialists recently notified more than 28,000 patients that their data was exposed due to a vulnerability in its Picture Archiving and Communication Systems...
Around the world, healthcare entities are steadily making progress on vaccinating individuals against COVID-19. Many of these providers are relying on technology for vaccine appointment scheduling and...
The threat actors behind Mamba ransomware are weaponizing DiskCryptor, an open source full disk encryption software. The malware encrypts the entire drive, including the operating system, to restrict...
Internet-facing Windows devices are being targeted by an active malware campaign known as Purple Fox. Hackers are leveraging brute-force attempts against SMBs to deploy the malware, which has worming...
The number of phishing attacks targeting pharmacies and hospitals increased by 189 percent from December 2020 to February. These often large-scale campaigns correlated to hackers attempting to...
It’s been about three weeks since Microsoft released a software update for four-zero day flaws within on-prem Exchange servers and an estimated 30,000, or 8 percent, remain unpatched....
In the last few weeks, the ransomware hackers behind Conti, Babuk, and Avaddon leaked data they claim to have stolen from at least five healthcare entities, which should serve as a warning to the...
The FBI recently warned private sector entities that cybercriminals are increasingly leveraging business email compromise attacks against federal government agencies, which has hindered...
The Department of Health and Human Services Cybersecurity and Infrastructure Security Agency unveiled the CISA Hunt and Incident Response Program (CHIRP) tool, which is designed to support entities...