Massachusetts Attorney General Maura Healey says her office is probing the data breach at T-Mobile that exposed the personal information of 54 million people, including current, former and prospective customers of the carrier. The Federal Communications Commission is also investigating the incident.
Nine months after discover of the attack that targeted SolarWinds and clients of its network monitoring tool, the incident continues to spur investigations into what happened. The SEC is reportedly probing those businesses involved, and lawmakers want answers about the breach of DOJ emails.
"Silence is gold." So says ransomware operator Ragnar Locker, as it attempts to compel victims to pay its ransom demand without ever telling anyone - especially not police. But some ransomware-battling experts have been advocating the opposite, including mandatory reporting of all ransom payments.
Last weekend’s confirmed attack on the Jenkins project using a recently discovered vulnerability in the Atlassian Confluence server could be the tip of the iceberg, suggests a security researcher who says thousands of Confluence servers remain vulnerable.
The personal data of at least 1.3 million Indonesian residents, stored on two government-developed COVID-19 tracking apps, PeduliLindungi and eHAC, has been leaked online, according to security researchers. President Joko Widodo is among those affected.
Google has identified three critical vulnerabilities affecting several Netgear smart switch products that, if exploited, give the attacker complete control over the compromised device. Netgear has issued a security advisory confirming that it has issued patches for 20 impacted products.
Several security vulnerabilities in infusion pump products from B. Braun could collectively allow malicious actors to modify the dose of medicines delivered to patients, says Douglas McKee, a security researcher on a McAfee Enterprise team that recently discovered the flaws.
Cyber Command and the U.S. Cybersecurity and Infrastructure Security Agency issued alerts Friday warning those using Atlassian's Confluence and Data Center products that attackers are actively exploiting the critical remote code execution vulnerability CVE-2021-26084.
Autodesk, a California-based design software and 3D technology firm, now says it was one of several tech and security companies targeted by a Russian-linked group that carried out the supply chain attack against SolarWinds, according to a financial filing with the SEC.
Security firm Cisco Talos reported this week that cybercriminals have found a new way to make money from their victims, by abusing internet-sharing "proxyware" platforms such as Honeygain and Nanowire to illegally share their victim’s internet connection.
The latest edition of the ISMG Security Report features an analysis of data breach trends. Also featured: yet another Microsoft Exchange vulnerability and misconceptions about cybercrime groups.
The House began debate Wednesday on legislation that would require companies that own or operate parts of the nation's critical infrastructure to report a cyberattack or breach within 72 hours of confirmation.
After suffering a network systems outage that lasted at least a week in July, DuPage Medical Group, the largest multispeciality group practice in Illinois, is now reporting a data breach affecting more than 655,000 individuals.
Users of OpenSea, a marketplace for blockchain-based digital assets such as crypto collectibles and non-fungible tokens, are being targeted by scammers pretending to be the company's support staff on Discord. The attackers exploited a method OpenSea uses to service support tickets on Discord.
Because a relatively small number of individuals provide the vast majority of services and infrastructure that power cybercrime, they remain top targets for arrest - or at least disruption - by law enforcement authorities, says cybercrime expert Alan Woodward. But of course, geopolitics sometimes gets in the way.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.