A cybersecurity incident at an operator of major Australian maritime ports caused what a government official on Saturday called a "nationally significant" outage frustrating the movement of goods in and out of the country. The incident affects the ports of Sydney, Melbourne, Brisbane and Fremantle.
A ransomware attack affecting the New York financial services subsidiary of the Industrial and Commercial Bank of China resulted in disruptions to the U.S. Treasury market. Close observers of the criminal underground say ransomware-as-a-service group LockBit is responsible.
A Russian digital extortion gang behind a raft of attacks on file transfer applications is now targeting a newly patched vulnerability in SysAid IT support software. Attacks can lead to ransomware and data theft, tweeted Microsoft late on Wednesday.
Ransomware hackers have seized on an exploit of a recently disclosed zero-day vulnerability in Atlassian Confluence instances days after the company urged its customers to patch immediately. Atlassian on Monday elevated the bug's criticality to 10, the maximum possible on the CVSS scale.
Members of Armenian civil society say they have received warnings from Apple regarding commercial spyware. John Scott-Railton, a senior researcher at The Citizen Lab, tweeted that "Apple threat notifications are 'clear & invaluable' signs something serious is going on."
Atlassian added new urgency Thursday to a warning that customers with on-premises Confluence servers should patch immediately to protect against a vulnerability that attackers could exploit to destroy data. A publicly available exploit now exists for the vulnerability, tracked as CVE-2023-22518.
Canada accused China of running a social media disinformation campaign aimed at members of Parliament and Prime Minister Justin Trudeau. Global Affairs Canada attributed the campaign to an operation elsewhere traced to Chinese law enforcement and known as "Spamouflage."
India federal law enforcement busted tech scam fraud rings operating in locations across the subcontinent after Microsoft and Amazon shared intelligence with the Central Bureau of Investigation. Scammers allegedly operated call centers impersonating tech giant customer support.
Hackers used an updated malware framework dubbed Mata by Kaspersky to target more than a dozen oil, gas and defense sector companies in Eastern Europe, including air-gapped systems. Kaspersky previously associated Mata with North Korea but doesn't attribute this campaign to the Pyongyang regime.
Pro-Ukrainian hackers claimed responsibility for wiping the servers of the Trigona ransomware gang, a recently formed group that may have links to the Russian cybercriminal underground. "'Terrible Russian hackers,' yeah, yeah," wrote a self-described spokesman for the Ukrainian Cyber Alliance.
Cisco issued an urgent warning Monday about a critical vulnerability in one of its modular operating system's web interfaces that is designed for routers, switches and other appliances. Hackers exploited the IOS XE software UI to gain admin rights that give them full control of compromised devices.
A financially motivated hacking group turned cyberespionage operation targeted attendees of high-profile European conferences, including the Women Political Leaders Summit in Brussels. Threat actor Void Rabisu - also known as Tropical Scorpius and UNC2596 - has been honing its backdoor.
The zero-day campaign underpinning the May mass attack on Progress Software's MOVEit file transfer software is now the vulnerability fueling a flotilla of attorneys, the software vendor disclosed in a regulatory filing listing pending litigation and governmental investigations.
Amnesty International says the Vietnamese government is likely behind a wave of attempted Predator spyware infections against targets including members of the U.S. Congress and European officials. Central to the campaign was an account on social media network X (formerly Twitter).
Maintainers of the widely used open-source command-line tool cURL and libcurl library that supports key network protocols said two upcoming vulnerabilities are set to be disclosed this week. One flaw is probably "the worst curl security flaw in a long time," said curl founder Daniel Stenberg.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.